Skill v0.1.1

ClawScan security

Habitat-GS-Navigator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 18, 2026, 4:15 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions, commands, and configuration match its stated purpose (controlling a local Habitat-GS Bridge for embodied navigation), but it asks users to install third‑party code and write local logs — review and sandbox the install before running.
Guidance
What to consider before installing and using this skill:

- The skill is coherent with its description: it controls a local Habitat-GS bridge and uses hab-cli to navigate scenes. No credentials are requested.
- The SKILL.md instructs you to git clone and pip install -e from a third‑party GitHub repo. That will run arbitrary code on your machine during install — review the repository contents (setup.py/pyproject, entry points, any scripts) before installing.
- Prefer to install in an isolated environment (a dedicated conda env or virtualenv) or a disposable container, not as root or into your system Python, because habitat_sim and other native deps can be heavy and may require compilation.
- Check the repo author and consider using an official release tag or checksum instead of cloning the main branch. If you cannot audit the code, run the service in a sandboxed VM or container.
- Expect the skill to write episode logs under ~/.openclaw/workspace/memory/. If you have privacy concerns about local recordings or generated observations (the API returns base64 images), confirm what gets persisted and where.
- If you plan to point the bridge at a remote host, be cautious: the CLI supports a --url / HABITAT_GS_BRIDGE_URL and could talk to remote servers; for normal use keep it on localhost.

If you want a stronger safety posture: inspect the GitHub repository, prefer pinned releases, run the bridge in a container, and avoid installing into system Python environments.

Review Dimensions

Purpose & Capability
ok
Name/description (navigate 3DGS via Habitat-GS Bridge) align with the runtime instructions: the SKILL.md documents using hab-cli/habitat-gs-bridge, loading scenes, stepping the agent, and reading agent state. Required resources (local bridge, scene files, habitat_sim) are appropriate for the stated purpose.
Instruction Scope
note
Instructions stay within navigation/simulator scope (start bridge, use hab-cli to load/reset/step/observe, inspect distance/collision). The skill instructs recording episode summaries to ~/.openclaw/workspace/memory/YYYY-MM-DD.md (local logging), which is reasonable for a memory feature but is a persistent write to the user's home directory and should be expected by the user.
Install Mechanism
concern
The SKILL.md tells the user to git clone and pip install -e from a GitHub user repo (The0xKa1). Installing arbitrary third‑party code with pip (editable install) executes code during install and can run arbitrary setup steps; the instructions do not pin a release, provide checksums, or indicate official/verified upstream. This is a legitimate install for this tool but is higher risk — run in an isolated environment and review the repo before installing.
Credentials
ok
No credentials or sensitive environment variables are requested. The docs optionally reference HABITAT_GS_BRIDGE_URL and BRIDGE_PORT to point the CLI at a non-default host/port, which is reasonable. The skill does require local access to scene files and habitat_sim (heavy native deps), which is appropriate for the task.
Persistence & Privilege
note
The skill does not request elevated privileges and is not always-on. It writes episode logs to ~/.openclaw/workspace/memory/, creating persistent local files (expected for memory features). Autonomous invocation is allowed (platform default) but not by itself a concern; this skill does not modify other skills or system-wide configurations.