Autonomous Execution
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: autonomous-execution Version: 1.1.0 The OpenClaw AgentSkills skill bundle is benign. The `SKILL.md` file, which contains instructions for the AI agent, explicitly defines strong security guardrails. It forbids the agent from autonomously accessing credentials, API keys, secrets, environment variables, or files outside the workspace. It also requires confirmation before performing sensitive actions like sending messages to external services, making purchases, deleting data, modifying system configurations, or running commands with elevated permissions. These instructions actively prevent common malicious behaviors like data exfiltration or unauthorized execution, aligning with a safe autonomous execution purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may work through multiple non-sensitive subtasks on its own instead of stopping after each step.
The skill intentionally changes the agent's operating style toward completing tasks without repeated prompts, while also stating confirmation boundaries.
Execute autonomously within clear limits. Finish the work, but confirm sensitive actions.
Use this skill when you want hands-off execution, and give clear task boundaries and explicit instructions for anything you want reviewed first.
The agent may read workspace files or perform searches/fetches during a task without asking each time.
The instructions permit autonomous use of existing read and fetch capabilities, but limit them to workspace/read-only use and separately require confirmation for sensitive actions.
CAN do autonomously: - Reading files in workspace - Making read-only API calls (search, fetch) - Processing data and generating output - Using allowed tools within their permissions - Retrying failed read operations
Keep the workspace narrow, avoid placing unrelated sensitive files in scope, and require confirmation for any external call if the task involves confidential information.
You have less external context for verifying who maintains the skill or how it changed between releases.
The registry information does not provide a source repository or homepage, so provenance is limited; the impact is reduced because the artifact set is instruction-only with no executable install components.
Source: unknown Homepage: none
Review the visible instructions before enabling it and verify the publisher if provenance matters for your environment.