Skill v1.0.1
ClawScan security
API Health Monitor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 22, 2026, 2:31 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code and instructions match its stated purpose (scanning OpenClaw session logs for LLM API error patterns), and it does not request unrelated credentials or perform unexpected network or system actions.
- Guidance: This skill appears to do exactly what it says: read recent files in ~/.openclaw/agents/main/sessions/ and report LLM API error patterns. Before installing or enabling it broadly:
  1. Inspect a few session files manually to see whether they contain sensitive data (API keys, tokens, private user content).
  2. Run the skill in a sandbox or on a copy of the logs first, so you can confirm its output does not leak secrets.
  3. If you allow autonomous invocation, be aware that agents can run the skill and may surface sensitive log contents; consider restricting when, and by which agents, it can be invoked.
  4. If you need safer behavior, request or modify the code to redact known secrets or to limit the length and content of returned messages.
Review Dimensions
- Purpose & Capability: ok. Name/description, SKILL.md, and index.js all target ~/.openclaw/agents/main/sessions/ and search for LLM API error patterns. The declared requirements (none) are consistent with a simple local log-parsing task. Minor metadata inconsistencies: the package.json version (1.0.0) differs from the registry metadata (1.0.1), and the SKILL.md example path is a generic require path; these are bookkeeping issues, not functional mismatches.
- Instruction Scope: note. Instructions and runtime code read only files under the session directory and produce a JSON report; they do not call external endpoints or access unrelated system paths. Note that reading session logs can surface sensitive data (user content, API keys, tokens), because the code returns message snippets and file basenames without redaction, and SKILL.md does not warn about this privacy sensitivity.
- Install Mechanism: ok. No install spec and no remote downloads; the skill is instruction-driven and bundles a local index.js and package.json with no external dependencies. Nothing in the manifest installs third-party code from remote URLs or writes unexpected binaries.
- Credentials: ok. No environment variables or credentials are required. The code reads HOME/USERPROFILE only to locate the expected sessions directory, which is proportional to the stated purpose.
- Persistence & Privilege: ok. The always flag is false, and the skill does not request persistent system-wide configuration or modify other skills. Autonomous invocation is allowed (platform default); combined with the skill's access to session logs, this is a privacy consideration, but not a coherence or security mismatch on its own.
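Guidance item (4) and the Instruction Scope note point at the same gap: the report is built from message snippets and file basenames with no redaction and no length cap. The block below is an added example, not the skill's own index.js and not ClawHub code, of how such a report builder can redact known secret formats and truncate snippets before anything is returned to the calling agent. The session-log line format, the error and secret pattern sets, the session file name, the snippet limits and the sample lines are all constructed assumptions for illustration.

```javascript
// Added example, not the skill's index.js: scan constructed session-log lines
// for LLM API error patterns, then redact known secret formats and cap snippet
// length before anything is returned to the caller. Log format, pattern sets,
// file name and limits are assumptions for illustration.

// Error categories to look for (assumed set; not the skill's own list).
const ERROR_PATTERNS = [
  { name: 'rate_limit', re: /\b429\b|rate limit/i },
  { name: 'auth', re: /\b401\b|invalid api key|authentication failed/i },
  { name: 'server', re: /\b5\d\d\b|overloaded|internal server error/i },
  { name: 'timeout', re: /timed? ?out|ETIMEDOUT|ECONNRESET/i },
];

// Secret shapes to redact. Format-based and conservative: a miss here means a
// leaked secret, so prefer false positives over false negatives.
const SECRET_PATTERNS = [
  /\bsk-[A-Za-z0-9_-]{16,}\b/g,                       // OpenAI-style API keys
  /\bAKIA[0-9A-Z]{16}\b/g,                            // AWS access key IDs
  /(?<=\bBearer\s)[A-Za-z0-9._~+/=-]{16,}/g,          // HTTP bearer tokens
  /\bgh[pousr]_[A-Za-z0-9]{20,}\b/g,                  // GitHub tokens
  /\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b/g, // JWTs
];

const MAX_SNIPPET = 120;   // characters of a log line kept in the report
const MAX_SNIPPETS = 5;    // snippets per file kept in the report

function redact(text) {
  let out = text;
  for (const re of SECRET_PATTERNS) out = out.replace(re, '[REDACTED]');
  return out;
}

function truncate(text, max = MAX_SNIPPET) {
  return text.length <= max ? text : text.slice(0, max) + '...';
}

// Build one report entry. Only the basename is reported, never the full path,
// and every snippet is redacted before it is truncated, so a secret cut in
// half by the length cap cannot slip past the redaction pass.
function scanSession(basename, lines) {
  const counts = {};
  const snippets = [];
  for (const line of lines) {
    const hit = ERROR_PATTERNS.find(({ re }) => re.test(line));
    if (!hit) continue;
    counts[hit.name] = (counts[hit.name] || 0) + 1;
    if (snippets.length < MAX_SNIPPETS) snippets.push(truncate(redact(line)));
  }
  return { file: basename, counts, snippets };
}

// Constructed sample lines (not real OpenClaw session data).
const SAMPLE_LINES = [
  '2026-04-22T14:01:03Z user: please summarise my notes',
  '2026-04-22T14:01:04Z provider error 429 Too Many Requests: rate limit reached for key sk-abcdefghijklmnopqrstuvwxyz012345',
  '2026-04-22T14:02:10Z provider error 401 invalid api key (Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyIn0.c2lnbmF0dXJlc2lnbmF0dXJl)',
  '2026-04-22T14:03:00Z request timed out after 30000ms (ETIMEDOUT)',
  '2026-04-22T14:03:30Z assistant: here is the summary you asked for',
  '2026-04-22T14:04:00Z provider error 500 internal server error; response body: ' + 'x'.repeat(200),
];

// Report for one (assumed) session file name.
function demoReport() {
  return scanSession('session-2026-04-22.jsonl', SAMPLE_LINES);
}

console.log(JSON.stringify(demoReport(), null, 2));
```

The order of the two passes matters: redaction runs on the full line and truncation runs afterwards, because truncating first could leave a partial key that no longer matches any pattern yet is still useful to an attacker. Pattern-based redaction is a floor, not a guarantee; the manual inspection in guidance item (1) is still needed to learn which secret shapes actually appear in your own session files, and the snippet cap limits how much unexpected content can leave the process even when a pattern is missed.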
