Skill v1.0.0

ClawScan security

OpenClaw Teaching · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 11, 2026, 8:38 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill is internally coherent for local knowledge management and document generation: it reads/writes the included KNOWLEDGE_BASE.md, creates backups, and generates PPT/Word files without requesting credentials or external installs — but a couple of minor mismatches (an 'auto-sync' claim and an odd sys.path insertion) deserve a careful look before use.
Guidance
This skill looks like a straightforward local knowledge-manager + document generator. Before installing:
1) Review the sys.path insertion in scripts/generate_docs.py — ensure it doesn't point to unexpected host paths in your environment.
2) Note that 'auto-sync with official docs' is advertised but no network sync code is present; if you need that feature, ask the maintainer for details.
3) Run the scripts in a safe/test environment first to confirm file output/backups go where you expect.
4) Ensure Python dependencies (python-docx, python-pptx, markdown) are installed from trusted sources.
5) Only proceed if you trust the skill's source (owner unknown) and are comfortable with it modifying the local KNOWLEDGE_BASE.md file and creating backups.

Review Dimensions

Purpose & Capability
Note: The skill's name, README, SKILL.md and included scripts align: they manage a local knowledge base and generate PPT/Word docs. However, the SKILL.md claims features like '自动同步: 与官方文档保持同步' (auto-sync with official docs) but I see no network sync or API code in the provided scripts to implement that. This is a functional mismatch (feature claim without implementation), not evidence of maliciousness.
Instruction Scope
Note: Runtime instructions tell the agent to run the included scripts, which operate on the supplied KNOWLEDGE_BASE.md, save outputs to user-specified paths and create backups in a local backups directory. The scripts read and write local files (expected). They do not request environment variables or contact external endpoints in the visible code. One line of code inserts a parent-relative path onto sys.path (sys.path.insert(... / 'docx' / 'scripts')), which is unusual and could cause Python to import code from a path outside the skill if that path resolves externally; it warrants review but is not necessarily malicious.
Install Mechanism
OK: No install spec is present and this is effectively an instruction + script-only skill. Nothing is downloaded or extracted during install, which minimizes install-time risk. The scripts require standard Python packages (python-docx, python-pptx) but those are declared only in docs.
Credentials
OK: The skill does not declare or require any environment variables, credentials, or external config paths. The operations shown (file parsing, backup creation, file output) are proportional to the skill's stated purpose.
Persistence & Privilege
OK: 'always' is false and the skill does not request persistent platform-wide privileges. The scripts create backups and modify the local KNOWLEDGE_BASE.md (expected behavior) but do not modify other skills or system-wide agent settings in the visible code.