v1.0.1

Skill Studio

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:05 AM.

Analysis

Skill Studio is a coherent instruction-only helper for creating, validating, and publishing OpenClaw skills, with expected but important notes around local validation, CLI installation, login tokens, and publishing.

Guidance

Before installing or using this skill, be prepared for it to run local validation commands, install or use the ClawHub CLI, authenticate to ClawHub, and publish content if you request publishing. Review generated SKILL.md files and credentials carefully before running publish commands.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Unexpected Code Execution
Severity: Low, Confidence: High, Status: Note
SKILL.md
After generating SKILL.md, run validation automatically. ... python3 << 'PYEOF'

The skill tells the agent to run an embedded local Python validator after generating a skill file.

User impact: The agent may execute local Python that reads the generated SKILL.md in the workspace. This is expected for validation, but it is still local code execution.
Recommendation: Run validation only in the intended workspace and review generated files before accepting automatic fixes.

Agentic Supply Chain Vulnerabilities
Severity: Low, Confidence: High, Status: Note
references/publish-guide.md
npm install -g clawhub

The publishing guide instructs users to install a global npm CLI package as part of the workflow.

User impact: Installing a global CLI changes the local environment and depends on the npm package being the intended, trusted ClawHub CLI.
Recommendation: Verify the package name/source before installing, prefer trusted documentation, and avoid unnecessary elevated privileges.

Tool Misuse and Exploitation
Severity: Medium, Confidence: High, Status: Note
references/publish-guide.md
clawhub publish /path/to/your-skill --slug your-skill-name --version 1.0.0 --changelog "Initial release: Brief description"

The guide includes a command that publishes a skill to ClawHub.

User impact: Running the publish command can make content available through the user's ClawHub account.
Recommendation: Inspect the generated skill, metadata, dependencies, and changelog before publishing.

Human-Agent Trust Exploitation
Severity: Low, Confidence: Medium, Status: Note
SKILL.md
- All data processed locally or via specified APIs
- No unauthorized data transmission
- Follow OpenClaw security best practices

The generation template includes broad safety/privacy boilerplate that may be inserted into generated skills.

User impact: Generated skills could contain security claims that users may over-trust if they are not checked against the actual skill behavior.
Recommendation: Customize or remove generic security statements unless they are accurate for the generated skill.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium, Confidence: High, Status: Note
references/publish-guide.md
clawhub login ... This opens browser for GitHub OAuth. ... clawhub auth login --token YOUR_TOKEN

Publishing requires authenticating to ClawHub via OAuth or a token.

User impact: The CLI may gain authority to act on the user's ClawHub account, including publishing skills.
Recommendation: Use scoped, revocable tokens where possible, do not share tokens unnecessarily, and revoke credentials when no longer needed.