Skill v0.1.0

ClawScan security

OpenClaw Model Card · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 4, 2026, 6:16 AM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code and runtime instructions match its stated purpose (reading openclaw.json, checking consistency, and optionally rendering an image); minor documentation mismatches about dependencies and an undocumented environment variable are the only issues.
Guidance
This skill appears to implement exactly what it claims: reading an openclaw.json, performing consistency checks, listing models, and optionally rendering a visual card. Before installing or using it:
1) Run it with an explicit --config path so it does not unintentionally read system or user config files; if --config is omitted, the script falls back to OPENCLAW_CONFIG or its default paths.
2) Ensure python3 and node are installed, and install wkhtmltoimage if you want image rendering (md2img.js checks for it).
3) The registry metadata lists no required binaries or env vars, yet the code uses OPENCLAW_CONFIG and external binaries; prefer explicit paths and avoid exposing sensitive files.
4) If you need higher assurance, review the two included scripts locally (they are short and readable) and run them in a sandboxed environment first.
Overall the skill is internally coherent and does not request secrets or network access.

Review Dimensions

Purpose & Capability
Status: ok
The name/description (generate model inventory and model-card images from openclaw.json) aligns with the included Python script and Node helper: the Python script reads openclaw.json, performs consistency checks and outputs Markdown/CLI text, and the Node script renders Markdown to an image. Nothing in the code attempts unrelated actions (no network calls, no credential usage).
Instruction Scope
Status: note
SKILL.md instructs the agent to run the Python script with --config, which is correct and recommended. The Python script also falls back to an OPENCLAW_CONFIG environment variable and a set of default file paths (including /opt/openclaw-data/conf/openclaw.json and ~/.openclaw/openclaw.json) if --config is not provided. This fallback behavior is reasonable for convenience but is not documented in SKILL.md; it means the tool can read system or user config files if run without an explicit path.
Install Mechanism
Status: note
There is no install spec (lowest risk) and all code is included. However, the skill requires runtimes and binaries that are not declared in the top-level metadata: the Python script requires python3 (present on most systems), the Node-based md2img.js requires node, and md2img.js depends on the external binary wkhtmltoimage. SKILL.md does note the wkhtmltoimage dependency, but the registry metadata lists 'required binaries: none', which is inconsistent. There are no downloads or remote install URLs in the skill.
Credentials
Status: note
The skill does not request credentials and does not exfiltrate data. It does read the environment variable OPENCLAW_CONFIG (used as an alternative config path) even though the skill's declared required env vars list is empty; the discrepancy is minor but worth noting. Otherwise no access to secrets or unrelated system credentials is present.
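The Instruction Scope, Install Mechanism and Credentials notes are three instances of one check: what the registry metadata declares versus what the scripts actually reference (an env var, an external binary, filesystem paths outside the skill directory). The Python below is an added example of that check written for this page; it is not ClawScan's scanner code and not the skill's own code. The two source strings are constructed stand-ins that mimic the behavior the review describes, not the real md2img.js or the real Python script (the page does not name it; model_card.py is an assumed name), and the regexes cover only the common os.environ / process.env / subprocess / child_process idioms, so a real scan would need broader patterns or an AST walk.

```python
import re
from dataclasses import dataclass, field

# Constructed stand-ins for the skill's two scripts. They mimic the behavior the
# review describes (config fallback, wkhtmltoimage call) but are NOT the real
# sources; "model_card.py" is an assumed name for the unnamed Python script.
SAMPLE_SOURCES = {
    "model_card.py": '''
import os
DEFAULT_PATHS = ("/opt/openclaw-data/conf/openclaw.json", "~/.openclaw/openclaw.json")

def find_config(explicit):
    if explicit:
        return explicit
    if os.environ.get("OPENCLAW_CONFIG"):
        return os.environ["OPENCLAW_CONFIG"]
    for p in DEFAULT_PATHS:
        if os.path.exists(os.path.expanduser(p)):
            return p
    raise SystemExit("no openclaw.json found")
''',
    "md2img.js": '''
const { execFileSync } = require("child_process");
execFileSync("wkhtmltoimage", ["--quality", "90", htmlPath, outPath]);
''',
}


# What the registry metadata declares. The page reports both lists as empty.
@dataclass
class Declared:
    binaries: set = field(default_factory=set)
    env_vars: set = field(default_factory=set)


# Reference patterns; group 1 is the env var name, binary name or path.
ENV_PATTERNS = [
    re.compile(r'(?:os\.environ\.get\(|os\.environ\[|os\.getenv\()\s*["\']([A-Z_][A-Z0-9_]*)["\']'),
    re.compile(r'process\.env\.([A-Z_][A-Z0-9_]*)'),
    re.compile(r'process\.env\[["\']([A-Z_][A-Z0-9_]*)["\']\]'),
]
BIN_PATTERNS = [
    re.compile(r'(?:execFileSync|execFile|spawnSync|spawn|shutil\.which'
               r'|subprocess\.(?:run|call|check_call|check_output|Popen))'
               r'\(\s*\[?\s*["\']([\w.\-]+)["\']'),
]
# Absolute or home-relative string literals: candidate reads outside the skill dir.
PATH_PATTERN = re.compile(r'["\']((?:/|~/)[^"\'\s]+)["\']')


def extract_refs(sources):
    """Map each referenced env var, binary and path to the files that use it."""
    found = {"env_vars": {}, "binaries": {}, "paths": {}}
    for filename, src in sources.items():
        for pat in ENV_PATTERNS:
            for m in pat.finditer(src):
                found["env_vars"].setdefault(m.group(1), set()).add(filename)
        for pat in BIN_PATTERNS:
            for m in pat.finditer(src):
                found["binaries"].setdefault(m.group(1), set()).add(filename)
        for m in PATH_PATTERN.finditer(src):
            found["paths"].setdefault(m.group(1), set()).add(filename)
    return {kind: {k: sorted(v) for k, v in refs.items()} for kind, refs in found.items()}


def audit(declared, sources):
    """Return only what the metadata does not account for.

    Paths are always reported: a read of /opt/... or ~/... is exactly what lets
    the tool touch system or user config when run without --config.
    """
    refs = extract_refs(sources)
    return {
        "env_vars": {k: v for k, v in refs["env_vars"].items() if k not in declared.env_vars},
        "binaries": {k: v for k, v in refs["binaries"].items() if k not in declared.binaries},
        "paths": refs["paths"],
    }


def report(findings):
    """Render findings as review-style lines; an empty list means nothing to flag."""
    lines = []
    for name, files in sorted(findings["env_vars"].items()):
        lines.append(f"note: env var {name} read in {', '.join(files)} but not declared")
    for name, files in sorted(findings["binaries"].items()):
        lines.append(f"note: binary {name} invoked in {', '.join(files)} but not declared")
    for path, files in sorted(findings["paths"].items()):
        lines.append(f"note: path {path} referenced in {', '.join(files)} (read outside skill dir)")
    return lines


if __name__ == "__main__":
    for line in report(audit(Declared(), SAMPLE_SOURCES)):
        print(line)
```

Run against the empty metadata the page describes, the audit reproduces the review's three notes: OPENCLAW_CONFIG is read but undeclared, wkhtmltoimage is invoked but undeclared, and two config paths outside the skill directory are referenced. Declaring the binary and the env var clears the first two; the path findings stay, since they are what a reviewer should read before deciding whether running without --config is acceptable.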
Persistence & Privilege
Status: ok
The skill does not request persistent privileges, does not set always:true, and does not modify other skills or system-wide agent settings. It only reads files and writes output files when asked to render an image.