Skill v1.0.0

ClawScan security

OpenClaw Config Field Validator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Feb 24, 2026, 1:29 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and instructions are consistent with a local OpenClaw config/schema validator; it does not request credentials or network secrets, but there are minor mismatches and a small bug to be aware of.
Guidance
This skill appears to do what it claims: validate OpenClaw configuration fields using a local schema. A few things to consider before installing or running it:

- SKILL.md suggests the schema may be downloaded from GitHub, but the provided sync_schema.py currently only copies the built-in schema to the user's cache; it does not contact GitHub. If you expect automatic remote sync, that feature is not implemented here.
- There is a small implementation bug: scripts/validate_field.py calls a nonexistent load_schema_fields() function (it should use load_schema_json()), which can prevent single-field validation from working until fixed. validate_config.py and the other modules use the correct loader.
- The scripts run a local subprocess (openclaw --version) and may read package.json from common node_modules locations to determine the installed OpenClaw version. This is reasonable for version detection but will fail if OpenClaw isn't installed or the paths differ.
- The skill writes cache files under ~/.config/openclaw/skills/config-field/ (schema.json, version.json); review those files if you are concerned about on-disk artifacts.
- No credentials, network endpoints, or suspicious behavior were found in the code. Still, as a best practice: inspect the scripts locally, run them in a contained environment (or with a non-production config) the first time, and fix or patch the minor validate_field.py bug if you need single-field validation to work reliably.

Review Dimensions

Purpose & Capability
ok
Name/description match the included Python scripts and built-in schema: the scripts validate single fields or whole openclaw.json files and generate a field reference from a Zod-derived schema. Required artifacts (schema.json, scripts) are present and appropriate for the stated purpose.
Instruction Scope
note
SKILL.md claims automatic schema sync that can 'download matching schema from GitHub if needed', and examples show a curl-based install flow. In the actual scripts, schema synchronization currently copies the built-in schema to the user's cache and does not perform network downloads. The scripts read local OpenClaw version info (via an openclaw --version subprocess call and optional package.json paths) and read/write only under the user's config directory (~/.config/openclaw/skills/config-field). No instructions or code attempt to read unrelated system secrets or transmit data externally.
Install Mechanism
ok
There is no install spec; this is instructions plus bundled code. All code consists of local Python scripts and a built-in schema.json. The provided scripts perform no downloads from remote URLs and no archive extraction.
Credentials
ok
The skill requests no environment variables or credentials. It does run a local subprocess 'openclaw --version' and may read package.json from common node_modules paths; both are relevant for determining the local OpenClaw version and are proportional to the task. The skill caches data under the user's config directory only.
Persistence & Privilege
ok
The skill stores a cached schema and version JSON under ~/.config/openclaw/skills/config-field/, which is expected for caching. It does not request always:true, does not modify other skills' config, and does not require elevated privileges.