Skill v1.0.0

ClawScan security

OpenCode Free Models · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 20, 2026, 9:22 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose: it fetches free models from opencode.ai and incrementally adds them to the user's OpenClaw/QClaw config file; it does not request secrets or install arbitrary software.
Guidance
This skill appears to do exactly what it says: fetch free models from opencode.ai and add them under an 'opencode-free' provider in your ~/.openclaw or ~/.qclaw config. Before installing or running: (1) back up your existing openclaw.json/qclaw file so you can revert changes, (2) verify you trust opencode.ai as the source of model metadata (the script will insert whatever the endpoint returns), and (3) if you need provenance, check the README's GitHub link manually to confirm the repository and author. No secrets are required, but be aware the script will write to files in your home directory.

Review Dimensions

Purpose & Capability
ok: Name/description claim to fetch and configure free opencode.ai models. The included script and SKILL.md perform exactly that: GET https://opencode.ai/zen/v1/models, filter IDs containing 'free', and add entries under a single provider key in ~/.openclaw/openclaw.json or ~/.qclaw/openclaw.json. No unrelated credentials or subsystems are requested.
Instruction Scope
ok: Runtime instructions and the Python script only read/write the declared config paths and call the opencode.ai endpoint. They do not access other system files, environment secrets, or external endpoints beyond opencode.ai. The agent instructions explicitly limit the modification to models.providers and use a public API key.
Install Mechanism
ok: No install spec is provided; the skill is instruction-only with a small included script. Nothing is downloaded from arbitrary URLs or installed to system locations.
Credentials
ok: The skill requests no environment variables or credentials and uses the public API key 'public' as documented. There are no disproportionate or unexplained secrets requested.
Persistence & Privilege
note: The skill writes to the user's OpenClaw/QClaw JSON config in the home directory (expected for a configuration helper). It does not require always:true and does not modify other skills or system-wide settings. Users should be aware it will change a file in their home directory when run.