Skillv1.6.0

ClawScan security

一步完成进化 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 14, 2026, 7:29 AM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: Instruction-only setup/template skill that documents and copies workspace files to standardize an OpenClaw installation; it requests no secrets, installs nothing, and its assets are purely template/docs so its declared purpose aligns with its behavior.
Guidance: This skill is an instruction-and-template pack to restructure an OpenClaw workspace. It does not require secrets, does not install external code, and contains only documentation and file templates. Before using: back up your existing workspace (the templates are intended to be copied/merged and could overwrite files), manually review the templates so you understand what will be added or replaced, and ensure you want the architectural changes (single strong main, isolated rescue, cron/heartbeat conventions). Note the agent policy file sets allow_implicit_invocation=true which can allow implicit invocation behavior in some platforms—if you prefer manual control, verify platform settings for implicit skill invocation before enabling it.

Review Dimensions

Purpose & Capability: okThe name/description promise (stand up the Fire Dragon Fruit Architecture) matches the included files: templates, checklists, and reference docs. There are no unrelated requirements (no binaries, no env vars). The templates and references are appropriate for the stated purpose.
Instruction Scope: okSKILL.md and the repository files instruct the agent/operator to inspect the current OpenClaw workspace and copy/merge template files into the filesystem. Instructions operate on local files and workspace structure only; there are no hidden network endpoints, credential access, or commands executed in the provided docs. The provided agents/openai.yaml sets allow_implicit_invocation=true (a policy hint) but that is a configuration flag, not code that exfiltrates data.
Install Mechanism: okNo install specification and no code files to execute. This is the lowest-risk pattern: nothing is downloaded or written by an automated installer beyond what the operator chooses to copy from the templates.
Credentials: okThe skill declares no required environment variables, no primary credential, and no config paths. The instructions and templates do not ask for credentials. There is nothing disproportionate requested for the stated system-configuration purpose.
Persistence & Privilege: okSkill flags: always=false and model invocation is allowed (default) which is normal. The skill does not attempt to modify other skills or global agent settings beyond providing templates and guidance, and it does not contain install-time code that would persist services or daemons.