Mission Control Builder
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent instruction-only guide for building a personal OpenClaw dashboard, with notable but purpose-aligned handling of local task data and OpenClaw memories.
This skill appears safe as an instruction-only dashboard-building guide. Before using the resulting app with real OpenClaw data, keep it local or add login protection, limit what memories it can show, validate API inputs, and review any npm dependencies installed during setup.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the dashboard is shared or deployed insecurely, private OpenClaw memories could be visible to unintended people.
The dashboard is intended to expose OpenClaw memory content, which may contain sensitive persistent context. This is disclosed and purpose-aligned, but users should protect the resulting dashboard.
"Memory Browser" - Search and view your OpenClaw memories
Run the dashboard only in a trusted environment unless authentication, authorization, and clear memory-scope controls are added.
If the generated web app is exposed to others, unauthenticated users might be able to create or update task records.
The example Next.js API route accepts request body data and writes new task records. This is normal for a task dashboard, but the visible example does not show authentication or input validation.
export async function POST(request: NextRequest) { ... const body = await request.json(); const task = await addTask(body); ... }Add authentication, authorization, and input validation before deploying the dashboard outside a local trusted machine.
The user will be depending on npm package provenance and their local Node.js tooling when following the guide.
The guide instructs the user to create a Next.js app and install a dependency. These are standard setup steps for the stated purpose, but they rely on external npm packages and the metadata does not declare required Node/npm tooling.
npx create-next-app@latest mission-control --typescript --tailwind npm install lucide-react
Use a trusted Node/npm environment, review generated package files, and consider pinning dependency versions for reproducible builds.