Skillv1.0.0

ClawScan security

Claude Code Launcher · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignFeb 25, 2026, 10:52 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's files, script, and runtime instructions match its stated purpose (launching Claude Code and enabling Remote Control); nothing requested or installed is disproportionate, but it does capture screenshots and logs and starts a tool that can expose project contents to the Claude service, so treat it as privacy-sensitive.
Guidance: This skill appears to do what it says, but it performs sensitive local actions: it opens Terminal, runs `claude code` in your project directory (giving that process access to your project files), types UI commands via peekaboo, captures screenshots, and writes logs (including potential session URLs) to ~/.openclaw/workspace/logs/claude-code-launcher. Before installing/use: 1) Inspect the included script yourself (it is readable and matches the doc). 2) Verify you trust the Claude service and the claude CLI installation source. 3) Confirm you are comfortable granting Accessibility and Screen Recording permissions (these enable the automation and screenshots). 4) Run the script on a non-sensitive project first to observe behavior. 5) If you want to reduce risk, run the steps manually instead of granting automation, or remove screenshot/logging lines from the script. 6) Periodically review and delete logs that might contain session URLs or other secrets.

Review Dimensions

Purpose & Capability: okName/description, SKILL.md, and the included launch_claude_code.sh script are coherent: the script automates opening Terminal, cd'ing to a project, running `claude code`, sending `/remote-control`, and capturing a screenshot and logs. Required tools (peekaboo, claude CLI) are consistent with the stated functionality.
Instruction Scope: noteInstructions stay within the claimed scope (terminal automation, navigation, starting Claude Code, enabling Remote Control, screenshot capture, logging). Important privacy/security behavior is explicit: it captures screenshots, writes logs to ~/.openclaw/workspace/logs/claude-code-launcher, and makes the project available to the running Claude Code process — which can expose code or secrets to the remote Claude service. This is expected for the feature but is sensitive and worth user attention.
Install Mechanism: okNo install spec is provided (instruction-only skill) and the script references standard third-party CLIs (peekaboo via Homebrew tap and claude CLI via npm/Homebrew). No remote archive downloads or obscure URLs are used by the skill itself.
Credentials: noteThe skill requests no environment variables or credentials. It requires local permissions (Accessibility / Screen Recording) and write access to the target project and to ~/.openclaw workspace for logs. Those permissions and file accesses are proportionate to the automation task but can expose sensitive data (screenshots, session URLs, project files) so users should grant them only if they trust the workflow and the remote Claude service.
Persistence & Privilege: okalways is false and there is no installer that modifies other skills. The script creates logs under the user's home but does not request persistent elevated privileges or make system-wide configuration changes. Normal agent autonomy applies but is not exceptional here.