Skill v1.0.0

ClawScan security

Claw Doctor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 10, 2026, 8:20 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only troubleshooting guide for OpenClaw/NanoClaw, and the actions and paths it asks for are consistent with that purpose. Follow its commands with care, though: some of them read secret files and some run package installs.
Guidance
This skill is coherent with its stated purpose and reads as a local troubleshooting checklist. Before running commands from it:
(1) Review any command that reads or prints secret files (e.g., ~/.openclaw/secrets/*), and do not paste secret values into a chat.
(2) Read a script before you chmod or execute it, and make sure it came from a trusted source.
(3) pip3 install and npm install fetch packages from the network; prefer an isolated environment (venv or container), or review the requirements first.
(4) pyyaml is not part of the Python standard library, so if the Python YAML snippet fails on import, install pyyaml locally.
(5) If unsure, run the read-only diagnostic commands first (ls, cat, head) and ask for guidance on specific fixes rather than applying every change automatically.
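The read-only first pass the guidance describes, as an added example written for this page rather than code from OpenClaw/NanoClaw or the skill itself. It assumes a hypothetical layout: a skill at <workspace>/skills/<name>/SKILL.md with YAML frontmatter between two '---' lines, scripts beside it, and an API key file at $SECRETS_DIR/<name>.key (defaulting to ~/.openclaw/secrets). It parses the frontmatter, lists scripts with their modes, shows which installs the skill would need without running them, and checks the key file's existence and permissions without ever printing its contents. The sample skill it builds is constructed for the demo.

```sh
#!/bin/sh
# Read-only pre-flight for a ClawHub-style skill (illustration for this page;
# not OpenClaw/NanoClaw code). Assumed, hypothetical layout: SKILL.md with a
# '---'-delimited YAML frontmatter block, scripts beside it, and the skill's
# API key at $SECRETS_DIR/<name>.key. Nothing here writes to the skill, runs a
# script, installs a package, or prints key material.

SECRETS_DIR="${SECRETS_DIR:-$HOME/.openclaw/secrets}"

# Emit only the frontmatter lines of SKILL.md; fail if line 1 is not '---'.
skill_frontmatter() {
  awk 'NR == 1 { if ($0 != "---") exit 1; next }
       $0 == "---" { exit 0 }
       { print }' "$1"
}

# Fetch one top-level scalar field (name, version, ...) from the frontmatter.
skill_field() {
  skill_frontmatter "$1" | awk -v key="$2" -F': *' '$1 == key { print $2; exit }'
}

# Check a key file without revealing it. Returns 0 = present and private
# (mode 600/400), 1 = missing, 2 = readable by group or other. Only the mode
# and byte count are reported, never the contents.
check_key_file() {
  f="$1"
  [ -f "$f" ] || { echo "key missing: $f"; return 1; }
  mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")   # GNU stat, then BSD stat
  size=$(wc -c < "$f" | tr -d ' ')
  echo "key present: $f mode=$mode bytes=$size"
  case "$mode" in
    600|400) return 0 ;;
    *)       return 2 ;;
  esac
}

# List scripts with their modes so they can be read before any chmod/exec.
list_scripts() {
  find "$1" -type f \( -name '*.sh' -o -name '*.py' -o -name '*.js' \) -exec ls -l {} \;
}

# Show the installs the skill would need, without running them. The pip3 line
# targets a venv and the npm line skips lifecycle scripts, so the requirement
# files can be reviewed before anything is fetched from a registry.
plan_installs() {
  d="$1"
  [ -f "$d/requirements.txt" ] && echo "would run: python3 -m venv $d/.venv && $d/.venv/bin/pip3 install -r $d/requirements.txt"
  [ -f "$d/package.json" ]     && echo "would run: (cd $d && npm install --ignore-scripts)"
  return 0
}

# Build a throwaway skill tree with constructed sample content for the demo.
make_sample_skill() {
  root=$(mktemp -d)
  mkdir -p "$root/skills/demo" "$root/secrets"
  printf -- '---\nname: demo\nversion: 1.0.0\n---\n# Demo skill\n' > "$root/skills/demo/SKILL.md"
  printf 'echo hi\n' > "$root/skills/demo/run.sh"
  printf 'pyyaml\n'  > "$root/skills/demo/requirements.txt"
  printf 'constructed-not-a-real-key\n' > "$root/secrets/demo.key"
  chmod 644 "$root/secrets/demo.key"            # deliberately too permissive
  echo "$root"
}

# Run the whole read-only pass for one skill directory and its key file.
preflight() {
  dir="$1"; key="$2"
  echo "skill: $(skill_field "$dir/SKILL.md" name) $(skill_field "$dir/SKILL.md" version)"
  list_scripts "$dir"
  plan_installs "$dir"
  check_key_file "$key"
}

root=$(make_sample_skill)
preflight "$root/skills/demo" "$root/secrets/demo.key"
```

On a real workspace, call `preflight ./skills/<name> "$SECRETS_DIR/<name>.key"`; a return code of 2 from the key check is the cue to `chmod 600` the file before anything else reads it.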

Review Dimensions

Purpose & Capability
ok · Name and description match the contents: the SKILL.md focuses on diagnosing OpenClaw/NanoClaw issues and references exactly the locations and operations (workspace ./skills, ~/.openclaw, secrets, scripts, YAML frontmatter) you would expect for that task.
Instruction Scope
note · The instructions legitimately direct the reader to read skill files and YAML frontmatter, search for scripts, check ~/.openclaw and workspace paths, verify API key files, and run dependency installs. These actions are within scope for a repair tool, but several are sensitive: the guide recommends reading secret files (e.g., ~/.openclaw/secrets/<skill>.key), running chmod and executing scripts, and running pip/npm installs, all of which can expose secrets or execute code fetched from the network if done blindly.
Install Mechanism
ok · No install spec (instruction-only), so the registry writes nothing. The guide recommends running pip3/npm install for skill-local dependencies; that is reasonable for repairing skills but carries the usual supply-chain risk of fetching packages from a public registry.
Credentials
ok · The skill declares no environment variables or credentials and does not request unrelated secrets. It does instruct checking common config paths (workspace and ~/.openclaw) and secrets locations, which is proportional to diagnostics. Note: the runtime instructions access secrets files on disk (expected for repair), so users should be aware these operations reveal sensitive data.
Persistence & Privilege
ok · The skill does not request always:true, has no install hooks, and is user-invocable. Its instructions do not modify other skills' configurations; the suggested edits are local fixes (chmod, pip installs, editing a shell rc file), which are normal for remediation.