EDI MSP Toolkit
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If followed, the agent could publish or modify a ClawHub skill under the user's account instead of performing the expected MSP checks.
The default setup path tells the user or agent to install a CLI and publish a local skill directory. Publishing is a high-impact registry/account action and is not necessary for the stated MSP audit and health-check purpose.
## Setup npm install clawhub clawhub publish /home/cc/.openclaw/workspace/skills/msp-toolkit
Do not run the publish command as part of setup. The maintainer should remove it or replace it with normal, user-confirmed usage instructions for the MSP tools.
The skill may not actually provide the advertised tools, and any missing helpers would need separate review before use.
The skill references helper scripts and commands, but the supplied manifest contains only SKILL.md and no code files. That makes the advertised implementation unavailable for review in this artifact set.
- msp-dashboard.py: Daily Azure/M365 status. - healthcheck: Firewall/SSH/update audits. - nuc-reset.sh: NPU reboot script.
Ask for a complete package containing the referenced scripts, with clear provenance and install instructions, before relying on the skill.