Back to skill
Skillv1.1.0
ClawScan security
Filter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 10, 2026, 8:19 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, files, and runtime instructions are consistent with its stated purpose (creating and storing local filter rules); it asks for no credentials or remote installs and only reads/writes a local rules.json under the user's OpenClaw workspace.
- Guidance
- This skill appears to do exactly what it says: create and store reusable filter rules locally. Before installing, note that it will create and overwrite ~/.openclaw/workspace/memory/filter/rules.json (ensure you have backups if you already use that path). The stored rules are plaintext JSON — avoid placing sensitive secrets inside rule criteria. There are no network calls or credential requests in the provided code, so external exfiltration is not indicated. If you are concerned about filesystem safety, run the script in a sandbox or inspect/verify the file path permissions (to avoid unexpected symlink or permission issues) before granting the agent broad automation rights.
Review Dimensions
- Purpose & Capability
- okName/description match the included files and script. Requiring python3 and a config path under ~/.openclaw/workspace/memory/filter for storing rules is appropriate and expected for a local rule-storage tool.
- Instruction Scope
- okSKILL.md and the included create_filter.py only describe/perform creating and saving filter rules. The instructions and script only read/write the declared rules.json path and do not reference other files, environment variables, or external endpoints.
- Install Mechanism
- okNo install spec; the skill is instruction-only with a small included Python script that uses only the standard library. Nothing is downloaded or written outside the user's OpenClaw workspace.
- Credentials
- okThe skill requests no credentials or environment variables. The only declared resource is a local config path for rules storage, which is proportional to the functionality.
- Persistence & Privilege
- okalways is false and the skill does not modify other skills or global agent configuration. It creates/updates a local rules.json file in the user's OpenClaw workspace, which is an appropriate scope for persistence.