Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawreverse

v0.1.0

Inspect, checkpoint, rollback, and branch OpenClaw sessions with the ClawReverse plugin. Use when a user wants to recover from bad tool or file changes, rest...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Benign
medium confidence
Purpose & Capability
Name, description, and required binary ('openclaw') align with the included files and behavior. The code implements checkpointing, rollback, branching and CLI bindings; none of the requested resources (no unrelated env vars or external services) are disproportionate to the claimed purpose.
Instruction Scope
SKILL.md instructs the agent to run only OpenClaw CLI commands (openclaw reverse, openclaw plugins install -l, openclaw reverse setup) and to edit/patch the OpenClaw config (openclaw.json). Those actions are within the plugin's stated purpose (installing and registering a plugin that manipulates OpenClaw sessions and state). Note: the plugin will read and write OpenClaw state files, session transcripts, workspace paths, and may copy agent/workspace directories as part of fork/continue operations.
Install Mechanism
There is no external download/install spec in the registry metadata—installation is expected to be performed locally via 'openclaw plugins install -l "{baseDir}"' using the skill bundle. The bundle includes source/dist JS files. No network downloads or URL-based installs are specified by the skill metadata.
Credentials
The skill declares no required environment variables, which matches SKILL.md. The plugin code does read environment fallbacks (e.g., OPENCLAW_GATEWAY_TOKEN, OPENCLAW_GATEWAY_PASSWORD, OPENCLAW_STATE_DIR / OPENCLAW_HOME) when attempting to connect to the gateway or resolve state paths — this is expected for an OpenClaw plugin but it does mean the plugin may access environment-held credentials or sensitive config if present. The env access appears proportional to the task (auth to the OpenClaw Gateway, locating state directories) but users should be aware of these implicit reads.
Persistence & Privilege
always: false (normal). The SKILL.md and code instruct enabling the plugin in the OpenClaw config (writing to openclaw.json) and creating plugin-managed directories under the OpenClaw state. That is expected for a native plugin, but it grants the plugin persistent presence inside OpenClaw state and file-system-level access to session/workspace data while installed.
Assessment
This skill is internally consistent with being an OpenClaw native plugin: it installs from the local skill bundle, modifies openclaw.json, and performs filesystem operations on OpenClaw state and workspaces as required for checkpointing/rollback. Before installing: (1) verify you trust the source (check the GitHub repo and author), (2) back up your openclaw.json and important workspace files, (3) inspect the bundle (the dist/*.js files are present) if you have doubts, and (4) be aware that installing the plugin runs third‑party code with access to OpenClaw state and workspace files and may read gateway tokens from environment variables. If you want to limit risk, install and test it in an isolated environment or VM first.
dist/native/cli.js:152
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk978sy7259ss1hdzgt3prhydrd839mz2


Runtime requirements

Clawdis
Bins: openclaw