Skill v0.1.0

ClawScan security

OpenClaw Workspace Doctor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review · Mar 13, 2026, 4:05 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's stated purpose (inspect/repair an OpenClaw workspace and optionally patch ~/.openclaw/openclaw.json) is plausible, but the repository/instructions are internally inconsistent and reference missing source and mismatched script names — exercise caution and get the missing/consistent files before running.
Guidance
Do not run these scripts on your main machine yet. The repo/instructions are inconsistent: SKILL.md refers to scripts/workspace_doctor.py and fix_openclaw_codex_config.py but the package contains run_doctor.py and fix_openclaw_config.py; wrappers import a src/workspace_doctor package that is not present. Before using:
1) Ask the publisher for the missing src/ files or a corrected package.
2) Inspect the full implementation of src/workspace_doctor/* to confirm no hidden network endpoints or exfil logic.
3) Run the fixer in a disposable/sandbox environment (or with the --stdout option if available) to verify output before allowing it to write to ~/.openclaw/openclaw.json.
4) Confirm the script creates a timestamped backup as promised.
If the author cannot explain the missing files and mismatched names, do not install or run the skill.

Review Dimensions

Purpose & Capability
note: The declared purpose (workspace inspection/repair and an external OpenClaw config fixer) matches the higher-level instructions to run a doctor and to patch ~/.openclaw/openclaw.json. However, the SKILL.md commands reference scripts named scripts/workspace_doctor.py and scripts/fix_openclaw_codex_config.py while the repo actually contains scripts/run_doctor.py and scripts/fix_openclaw_config.py. The skill also references a src/workspace_doctor package (in wrappers and repo-layout) but no src/ tree or package files are present in the manifest. These inconsistencies mean the skill as packaged cannot perform its claimed function without additional missing files.
Instruction Scope
note: The instructions explicitly direct writing/patching the user-level config at ~/.openclaw/openclaw.json (with backups and a --stdout safe mode). That behavior is within the described purpose but is high-impact (it modifies files outside the workspace, in the user's home directory). The SKILL.md also includes a hard-coded example path (/Users/xutao/...) and references repo commands that don't match actual filenames; the workflow assumes code under src that isn't included in the package.
Install Mechanism
ok: No install specification — instruction-only with small Python wrapper scripts. This is low-risk from an installer perspective because nothing is automatically downloaded or written by an install step.
Credentials
ok: The skill does not declare or request any environment variables or credentials. The only sensitive operation is writing to a user home config file (~/.openclaw/openclaw.json), which is coherent with the stated purpose but should be explicitly confirmed by a user before running.
Persistence & Privilege
note: The skill is not force-included (always: false) and does not request special platform privileges. However, it is designed to modify a user-level persistent config file (~/.openclaw/openclaw.json). Combined with the packaging inconsistencies, this raises risk: a user running a mismatched or tampered fixer could unintentionally change their global OpenClaw configuration.