Skill v3.2.0

ClawScan security

Product Dev Ops Package · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 16, 2026, 1:51 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's purpose and runtime instructions are coherent for a documentation/workflow assistant, but the package carries metadata inconsistencies and hidden metadata flags (auto-sync / auto-install) that do not match an instruction-only package. Those mismatches warrant caution before installing.

Guidance
This package appears to be a documentation/workflow skill that creates and updates project folders and templates in the agent's workspace, which is consistent with its description. However, the metadata is inconsistent: SKILL.md claims v3.2.0 while package.json, meta.yaml and _meta.json show v3.1.0; owner IDs differ between files; and meta.yaml declares auto_sync and auto_install and lists dependencies even though there is no install spec.

Before installing, verify the skill's origin (who published it), whether your OpenClaw environment will auto-sync or update skills from an external registry, and whether auto-install behavior is enabled by policy. Run it first in an isolated test workspace rather than a production directory, and avoid granting it access to sensitive files or credentials. If possible, ask the publisher for a canonical homepage or repository URL and for clarification of the auto_sync/auto_install metadata; that information would raise or lower confidence. If you want, I can list the exact file operations the skill will perform when you invoke /开工 so you can decide where to safely run it.

Review Dimensions

Purpose & Capability
ok: The name, description, SKILL.md and the included templates, agents and commands agree: this is an authoring/collaboration skill that initializes project folders, produces templates, and enforces multi-role behavior. No requested env vars or binaries contradict that purpose.

Instruction Scope
note: The runtime instructions tell the agent to create and update files under projects/[name] and to detect files under 00-work/interview/workshop/. That is expected for a doc/workflow skill. SKILL.md does not request credentials or access to unrelated system paths, but it does instruct the agent to write files into its current workspace (project initialization, saving workshop outputs). If you run it in a sensitive workspace it will create and modify files there.

Install Mechanism
concern: The skill is instruction-only with no install spec (the lowest install risk), yet meta.yaml sets sync.auto_sync: true and installation.auto_install: true and declares dependencies (docx, xlsx) even though there is no install step. These entries are inconsistent with the rest of the package and could indicate leftover or incorrect packaging, or an expectation that the platform will sync or install something in the background.

Credentials
ok: No environment variables, credentials, or config paths are required. The skill operates on local project files and templates only, which is proportionate to its stated functionality.

Persistence & Privilege
concern: The skill itself is not marked always:true and allows normal autonomous invocation (the default). However, meta.yaml's auto_sync/auto_install flags and 'managed_by: sub-agent-registry' suggest it expects to be auto-updated or managed by a registry. Combined with 'Source: unknown' and the absent homepage, this is a red flag: auto-updates from an unknown source increase supply-chain risk.
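The version, owner, auto_sync/auto_install and registry-management mismatches called out in the Guidance, Install Mechanism and Persistence & Privilege findings above can be checked mechanically before a skill is installed. The script below is an added example written for this page, not ClawScan's own code or part of the skill; the sample package is constructed to mirror the mismatches described, and the key names it looks for (owner, source, homepage, managed_by, sync.auto_sync, installation.auto_install, and an install block in SKILL.md frontmatter) are assumptions about the package layout rather than a documented OpenClaw schema.

```python
"""Cross-check a skill package's manifests for version drift, differing owner
IDs, auto_sync/auto_install flags or dependencies declared without an install
spec, and registry management with no known source. Example code only; the key
names are assumptions about how such a package is laid out."""

import json

# Constructed sample package (not the real skill) mirroring the scan's findings:
# SKILL.md says 3.2.0, the other manifests say 3.1.0, owners differ, and
# meta.yaml carries background sync/install flags with no install spec.
SAMPLE_FILES = {
    "SKILL.md": "---\nname: product-dev-ops\nversion: 3.2.0\nowner: user_123\n---\n# Product Dev Ops\n",
    "package.json": '{"name": "product-dev-ops", "version": "3.1.0"}',
    "meta.yaml": (
        "version: 3.1.0\n"
        "owner: user_123\n"
        "source: unknown\n"
        "managed_by: sub-agent-registry\n"
        "sync:\n"
        "  auto_sync: true\n"
        "installation:\n"
        "  auto_install: true\n"
        "dependencies:\n"
        "  - docx\n"
        "  - xlsx\n"
    ),
    "_meta.json": '{"version": "3.1.0", "owner": "user_456"}',
}


def _scalar(v):
    """Turn a YAML scalar into bool or a plain string (versions stay strings)."""
    v = v.strip().strip('"').strip("'")
    if v.lower() in ("true", "yes"):
        return True
    if v.lower() in ("false", "no"):
        return False
    return v


def parse_simple_yaml(text):
    """Minimal parser for the 'key: value' subset used by small manifests:
    nested mappings by indentation and indented '- item' lists. Not full YAML."""
    root = {}
    stack = [(-1, None, None, root)]  # (indent, parent, key, node)
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip(" "))
        line = raw.strip()
        while indent <= stack[-1][0]:
            stack.pop()
        _, parent, key, node = stack[-1]
        if line.startswith("- "):
            if isinstance(node, dict) and not node:   # first item: key becomes a list
                node = []
                parent[key] = node
            node.append(_scalar(line[2:]))
            stack[-1] = (stack[-1][0], parent, key, node)
            continue
        k, _, v = line.partition(":")
        k, v = k.strip(), v.strip()
        if v == "":                                     # nested mapping or list follows
            child = {}
            node[k] = child
            stack.append((indent, node, k, child))
        else:
            node[k] = _scalar(v)
    return root


def frontmatter(md):
    """Return the YAML frontmatter of a SKILL.md as a dict ({} if absent)."""
    lines = md.splitlines()
    if not lines or lines[0].strip() != "---":
        return {}
    body = []
    for line in lines[1:]:
        if line.strip() == "---":
            return parse_simple_yaml("\n".join(body))
        body.append(line)
    return {}


def lookup(d, dotted):
    """Follow a dotted path such as 'sync.auto_sync'; None if any part is missing."""
    for part in dotted.split("."):
        if not isinstance(d, dict) or part not in d:
            return None
        d = d[part]
    return d


def audit_skill(files):
    """Return (code, detail) findings for a package given as {filename: content}."""
    manifests = {}
    if "SKILL.md" in files:
        manifests["SKILL.md"] = frontmatter(files["SKILL.md"])
    for name in ("package.json", "_meta.json"):
        if name in files:
            manifests[name] = json.loads(files[name])
    if "meta.yaml" in files:
        manifests["meta.yaml"] = parse_simple_yaml(files["meta.yaml"])

    findings = []
    versions = {n: m.get("version") for n, m in manifests.items() if m.get("version")}
    if len(set(versions.values())) > 1:
        findings.append(("version-mismatch", versions))
    owners = {n: m.get("owner") for n, m in manifests.items() if m.get("owner")}
    if len(set(owners.values())) > 1:
        findings.append(("owner-mismatch", owners))

    meta = manifests.get("meta.yaml", {})
    # Assumption: an install spec, if any, lives in an `install` block of SKILL.md frontmatter.
    has_install_spec = "install" in manifests.get("SKILL.md", {})
    for path, code in (("sync.auto_sync", "auto-sync-without-install"),
                       ("installation.auto_install", "auto-install-without-install")):
        if lookup(meta, path) is True and not has_install_spec:
            findings.append((code, f"meta.yaml {path} is true but SKILL.md declares no install block"))
    deps = meta.get("dependencies")
    if deps and not has_install_spec:
        findings.append(("deps-without-install", deps))
    if meta.get("managed_by") and str(meta.get("source", "unknown")).lower() == "unknown" \
            and not meta.get("homepage"):
        findings.append(("registry-managed-unknown-source", meta["managed_by"]))
    return findings


def finding_codes(files):
    """Sorted finding codes, convenient for policy gates and tests."""
    return sorted(code for code, _ in audit_skill(files))


if __name__ == "__main__":
    for code, detail in audit_skill(SAMPLE_FILES):
        print(f"{code}: {detail}")
```

A registry gate would treat any of these codes as grounds to hold the package until the publisher reconciles the manifests or supplies a homepage and repository URL; a package whose manifests agree and whose meta.yaml neither asks for background sync/install nor names a registry manager without a known source produces no findings.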