Claude Code 控制器
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is coherent as a Claude Code controller, but it repeatedly encourages running another coding agent with permission checks bypassed, including in background and parallel sessions.
Install only if you intentionally want OpenClaw to launch Claude Code for project work. Prefer normal Claude Code permission modes, avoid running it in sensitive directories, explicitly approve any background or parallel sessions, and monitor or terminate sessions when work is complete.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Claude Code may modify project files or run commands with fewer safety prompts than the user expects.
The main quick-start and task templates run Claude Code with permission checks bypassed, which can allow broad file changes and command execution without normal interactive approvals.
claude --permission-mode bypassPermissions --print "你的任务描述"
Do not make permission-bypass mode the default; require explicit user approval, use normal permission modes where possible, and restrict allowed directories and actions.
Background or parallel agents could keep using compute, editing files, or producing changes unless the user actively monitors and stops them.
The skill recommends starting Claude Code as a background process, and also recommends parallel Claude Code instances, creating long-running delegated agents that may continue acting after the initial request.
bash workdir:/path/to/project background:true command:"claude --permission-mode bypassPermissions --print '你的任务描述'"
Start background or parallel sessions only after explicit user confirmation, set time limits, track session IDs, and kill sessions promptly when complete.
A user may underestimate how much authority Claude Code receives and may rely on approval prompts that the command is designed to bypass.
The safety guidance frames permission-bypass mode as a safer alternative to full permissions, even though the option name itself indicates that permission checks are bypassed.
不要给完全权限 - 使用 `--permission-mode bypassPermissions` 而非 `--yolo`
Clearly warn that bypassPermissions skips normal permission checks, and recommend safer permission modes for routine use.
The behavior of the skill depends on the installed Claude Code package and its updates.
Installing the Claude Code CLI from npm is expected for this skill, but it introduces reliance on an external package and the install spec does not pin a version.
node | package: @anthropic-ai/claude-code | creates binaries: claude
Install only from a trusted registry, verify the package, and consider pinning or reviewing the Claude Code CLI version used.
Project code, diffs, or task context may be exposed to the Claude Code environment during use.
The skill delegates code review and project work to Claude Code; this is purpose-aligned, but the artifacts do not describe what project data may be sent to or processed by the Claude Code provider.
claude --permission-mode bypassPermissions --print "审查这个 PR 的改动... git diff origin/main...origin/pr/123"
Avoid using this on sensitive repositories unless the data-sharing implications of Claude Code are acceptable.