Back to skill
Skillv0.1.0
ClawScan security
OpenClaw Session Grep · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 20, 2026, 1:06 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements and runtime instructions match its stated purpose of searching local OpenClaw session/transcript history and do not ask for unrelated credentials or installs.
- Guidance
- This skill appears coherent and limited in scope. Before installing, verify the ocgrep binary at /root/.openclaw/workspace/tools/ocgrep is from a trusted source (inspect the binary or its repository/packaging) because the skill will run that local executable. Avoid running broad searches as noted (they can include non-transcript files), and do not run the wrapper with elevated privileges. If you need stronger assurance, request the ocgrep upstream/source and review its behavior for network/IO actions.
Review Dimensions
- Purpose & Capability
- okName/description ask for a local transcript search tool; the only required binary is the ocgrep CLI at /root/.openclaw/workspace/tools/ocgrep, which is directly relevant.
- Instruction Scope
- okSKILL.md only instructs running the local ocgrep CLI (and optionally jq) against OpenClaw transcript paths. It warns about broad searches and does not direct the agent to read unrelated system files or external endpoints.
- Install Mechanism
- okThis is an instruction-only skill with no install spec or code files, so nothing is written to disk by the skill itself.
- Credentials
- okNo environment variables, credentials, or config paths are requested beyond the single CLI path; requested access is minimal and appropriate for the task.
- Persistence & Privilege
- okThe skill is not always-enabled and does not declare modifications to other skills or system-wide settings; autonomous invocation is allowed (platform default) but not combined with other privileges.