FamilyWall Integration
PassAudited by ClawScan on May 12, 2026.
Overview
The skill appears purpose-aligned, but it needs your FamilyWall email/password and can read or change private family data such as messages, locations, events, and lists.
Use this skill only if you are comfortable giving OpenClaw access to your FamilyWall account. Protect the .env file containing your password, confirm any action that sends messages or changes/deletes family data, and treat location and message outputs as private.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any agent run with these environment variables can authenticate to FamilyWall through this skill and access account-backed family data.
The skill reads FamilyWall account credentials from the environment and logs in as the user, giving it delegated access to the FamilyWall account.
email = os.environ.get("FAMILYWALL_EMAIL") ... password = os.environ.get("FAMILYWALL_PASSWORD") ... success = client.login(email, password)Store the password carefully, restrict access to ~/.openclaw/.env, use a least-privileged or dedicated account if possible, and ensure the credential requirement is declared in metadata.
Mistaken or overly autonomous use could delete a family event, change shared lists, or send an unintended family message.
The documented commands can mutate FamilyWall account content by deleting events, changing list items, and sending messages.
`events delete EVENT_ID` ... `lists check ITEM_ID` ... `messages send THREAD_ID "Hello family!"`
Require explicit user confirmation before running create, delete, check/uncheck, list-create, or message-send commands.
Private family chats, location information, and feed content may be exposed to the agent session and any logs or transcripts that capture command output.
The skill can retrieve private family messages, member locations, and wall/feed content into the agent's working context and command output.
`messages read THREAD_ID --limit 20` ... `locations` ... `wall --limit 20`
Only invoke these read commands when needed, treat outputs as private, and ensure family members are comfortable with location and message access.