OpenClaw Shield Quick Scan

Pass

Audited by ClawScan on May 10, 2026.

Overview

This skill is a straightforward local security-scan wrapper, with the main caveat that it depends on an external OpenClaw Shield scanner and runs local Python commands.

This appears safe to use as a local scan helper. Before installing, confirm you trust the separately installed OpenClaw Shield scanner and only scan folders you are comfortable having analyzed into a local JSON report.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill can run local scan commands and read files in the folder or file the user asks it to scan.

Why it was flagged

The skill instructs the agent to run local Python commands. This is expected for a local security scanner, but it is still executable behavior that should be limited to user-selected targets.

Skill content

python3 "projects/OpenClaw-Shield/src/scanner.py" "<target_path>" --output "/tmp/openclaw-shield-report.json"
python3 scripts/summarize_report.py "/tmp/openclaw-shield-report.json"

Recommendation

Only point it at folders you intend to scan, and review the command target before running it on sensitive directories.

What this means

Security of the actual scan depends on the separately installed OpenClaw Shield scanner.

Why it was flagged

The primary scanner is an external dependency rather than part of the provided files, so this review can only validate the wrapper and summarizer, not the scanner package itself.

Skill content

`scanner_path` (optional): defaults to `projects/OpenClaw-Shield/src/scanner.py`... If the scanner is not installed: `clawhub install openclaw-shield`

Recommendation

Install OpenClaw Shield from a trusted source and review that package separately if you rely on this skill for sensitive repositories.