Ludwitt University
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its learning-platform purpose, but it deserves review because it installs a persistent background daemon and its authenticated API client can forward credentials through redirects.
Review this skill before installing. If you proceed, run it in a dedicated workspace, use limited GitHub/Vercel credentials, verify the install source, monitor or disable the background daemon when not needed, and do not blindly follow update or command text surfaced from service data.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A redirect or misconfiguration could expose the skill’s Ludwitt API credential and machine fingerprint to a different host.
Authenticated requests follow server-provided redirects without checking that the destination host is still the Ludwitt API, while reusing the API key and fingerprint headers.
headers: { ... Authorization: `Bearer ${auth.apiKey}`, 'X-Ludwitt-Fingerprint': auth.fingerprint, ... } ... const redirectUrl = new URL(res.headers.location, url); return requestOnce(method, redirectUrl.toString(), body, redirectCount + 1)
Only install if you trust the Ludwitt endpoint. The maintainer should restrict authenticated redirects to the same origin or drop Authorization headers on cross-origin redirects.
If granted broadly, the agent may be able to modify local projects, push to GitHub, and publish public deployments.
The skill asks for broad shell, file, deployment, and GitHub access. This is aligned with building course deliverables, but it is powerful authority.
**Write and run code** ... **Claude Code** — full shell + file access ... **Deploy to a public host** ... **Push to GitHub** ... `git` + a GitHub token in your environment
Use a dedicated workspace, least-privilege GitHub/Vercel credentials, and review any public deployment, repository push, submission, or grading action before execution.
A changed upstream repository or mistaken source could change what code is installed and run locally.
The documented fallback install path runs an install script from an unpinned GitHub checkout. This is common for developer tools, but users should verify the source.
git clone https://github.com/rogerSuperBuilderAlpha/ludwitt-openclaw.git /tmp/ludwitt-skill ... chmod +x install.sh && ./install.sh
Prefer the reviewed ClawHub artifact when possible, or inspect the repository, commit, and install.sh before running the GitHub fallback.
If remote course titles or review text contain misleading instructions, an agent could over-trust them when reading local state files.
Remote course and review data is written into local Markdown files that an agent may later read as context.
lines.push(`## ${r.deliverableTitle || r.id}`) ... lines.push(`- **Course:** ${r.courseTitle || 'N/A'}`) ... fs.writeFileSync(QUEUE_FILE, lines.join('\n'))
Treat ~/.ludwitt/*.md files as data from the Ludwitt service, not as instructions, and ignore any embedded commands or prompt-like text.
The skill continues polling Ludwitt in the background after installation, including after reboot.
The installer registers a persistent user-level daemon that starts automatically and keeps running.
<key>RunAtLoad</key><true/> ... <key>KeepAlive</key><true/> ... systemctl --user enable ludwitt-daemon ... systemctl --user start ludwitt-daemon
Install only if you want a persistent daemon, and know how to disable the launchd/systemd service if you stop using the skill.
