Skill v0.1.1
ClawScan security
OpenClaw Skill Growth · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 12:41 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is a lightweight, instruction-only wrapper that points users to a GitHub project for skill-maintenance; its declared purpose, requirements, and instructions are coherent and proportionate.
- Guidance: This wrapper is coherent and intended only to help you discover and run the full OpenClaw Skill Growth project. Before using it: (1) inspect the upstream GitHub repo and release to confirm authenticity, (2) run demo:dry-run and review generated proposals/patches before running any apply command, (3) if you run npm install for the full project, consider doing so in an isolated environment or CI runner and review dependencies, and (4) be cautious if you provide repository credentials or run apply against real skill directories because apply can modify SKILL.md files and bump versions.
Review Dimensions
- Purpose & Capability (ok): The name/description (skill maintenance, observation, propose/apply flows) align with the instructions and included docs. The package is explicitly a ClawHub wrapper that points to a GitHub repo; it does not request unrelated credentials or binaries.
- Instruction Scope (note): SKILL.md instructs the user/agent to clone the GitHub repo and run npm scripts (scan, analyze, propose, report, apply). Those commands legitimately operate on local skill directories and run logs and can modify SKILL.md files when you execute an "apply" flow. This is expected for the stated purpose but means you should review proposals and use demo:dry-run before making changes.
- Install Mechanism (ok): No install spec in the wrapper itself (instruction-only). The README/INSTALL.md points to a GitHub repo and npm install/build/test steps for the real project, a standard approach. Note: installing the full project will run npm install and pull packages from the registry, which is typical but worth auditing if you require a fully locked supply chain.
- Credentials (ok): This wrapper declares no required environment variables, credentials, or config paths. The underlying project may require filesystem access (to skill dirs and run logs) and possibly repository/git credentials if you exercise apply flows against remote repositories, but nothing in this wrapper unexpectedly asks for secrets.
- Persistence & Privilege (ok): "always" is false and the skill does not request elevated or persistent platform privileges. The agent may invoke the skill autonomously (default), which is normal; this, combined with the ability to run apply flows, means the user should control when the plugin is run and prefer dry-run first.
