Safepaste
ReviewAudited by ClawScan on May 10, 2026.
Overview
SafePaste has a coherent safety-checking purpose, but it overstates privacy while asking the agent to read and potentially change important OpenClaw configuration.
Install only if you are comfortable with your agent reading OpenClaw setup files and possibly sending that context to your configured LLM provider. Before applying changes, inspect the diff, confirm backups and rollback behavior, and treat the '100% local / no data leaves' claim cautiously unless you are using a genuinely local model.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may believe their OpenClaw setup is never sent outside their machine, even though the analysis could be processed by their configured LLM provider.
The skill makes an absolute local/privacy claim while also instructing the agent to analyze local setup through a higher-tier LLM, which may be a remote provider.
"100% local. No account. No API key. No data leaves your machine." ... "Before running any SafePaste analysis, escalate to your highest available model tier... switch to Sonnet or Opus"
Clarify that local files may be included in prompts sent to the user's LLM provider unless a local model is used, and ask for explicit consent before escalating models or analyzing sensitive setup files.
If a bad recommendation is accepted, it could change agent instructions, model routing, cron behavior, security rules, or installed-skill configuration.
The skill can direct the agent to apply changes to OpenClaw setup files and workflows after user confirmation. This is central to the skill, but it affects high-impact agent behavior.
"After analysis — apply actions:" ... "apply it" ... "apply original" ... "apply recommended"; "Backup First: Before applying ANY changes, always create a timestamped backup of the user's workspace."
Review the diff before saying 'apply', prefer modified/recommended versions over raw pasted content, and confirm where backups are stored and how to roll them back.
Sensitive local configuration or persistent agent instructions may be included in the analysis context, and local state/backups may remain after use.
The skill uses local agent configuration as analysis context and stores local state. This is disclosed and purpose-aligned, but those files can contain sensitive or behavior-shaping instructions.
"Your agent reads your actual setup — AGENTS.md, SOUL.md, installed skills, crons, model config" ... "Usage count is stored in `~/.openclaw/safepaste-state.json`"
Avoid keeping secrets in OpenClaw config files, inspect what files are read before analysis, and remove local state/backups if you do not want them retained.