Skillv1.0.0

ClawScan security

context-switcher · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignFeb 20, 2026, 11:17 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is internally coherent: it performs only local reads/writes to its own skill directory to record and restore modes, asks for no credentials, and does not call external endpoints.
Guidance: This skill appears to be what it claims: local-only mode switching implemented via simple shell scripts and markdown profiles. Before installing, confirm these points: (1) OpenClaw on your system will actually honor current-context.json (notification muting and calendar triggers are platform features the skill expects). (2) The skill will store potentially sensitive items (mode profiles, pre-switch snapshots, and a DND log) under ~/.openclaw/skills/context-switcher/ — review and set filesystem permissions accordingly and avoid putting secrets in modes/*.md. (3) Auto-triggering from calendar requires OpenClaw’s calendar integration: ensure you understand what calendar permissions the platform already grants. If you want tighter control, disable auto-triggering or inspect the mode files and snapshots regularly. No network calls or credentials were found in the code; if you see later updates that add downloads, environment variables, or external endpoints, re-evaluate before installing.

Review Dimensions

Purpose & Capability: okName/description (mode switching, notification/memory shaping) matches what the scripts do: they read mode profiles (modes/*.md), write a local current-context.json and snapshots, and produce summaries. There are no unrelated env vars, binaries, or network accesses requested.
Instruction Scope: noteSKILL.md and the scripts stay within the stated purpose and operate on local files. One important caveat: actual muting of notifications and calendar-trigger registration are not implemented in the scripts — the skill relies on OpenClaw platform behavior to honor current-context.json and to route calendar/trigger events. That dependency is expected but worth verifying on your installation (the skill does not itself add calendar permissions or a background daemon). The DND behavior logs incoming messages to snapshots/dnd-log.json; the scripts assume OpenClaw or other parts of the agent will supply those messages.
Install Mechanism: okNo install spec or remote downloads; this is instruction-plus-local-scripts only. No archives or external package installs are fetched.
Credentials: okNo environment variables, credentials, or external tokens are requested. The scripts access only files within the skill directory (modes/, current-context.json, snapshots/).
Persistence & Privilege: okSkill is not forced always-on. It writes only to its own skill directory (creating snapshots and logs there). It does not modify other skills or system-wide settings. Auto-invocation is allowed by default but that is the platform norm; you can disable auto-triggering per the SKILL.md.