Skill v1.4.0

ClawScan security

Skill Scanner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 17, 2026, 1:02 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (a local scanner) and it does not request unrelated credentials or elevated persistence.
Guidance
This skill appears coherent and appropriate for scanning OpenClaw skills. Before running it: 1) only point the scanner at directories you control or intend to audit (it will read files under the given path), 2) treat results as heuristics—false positives and false negatives are possible (obfuscated or polymorphic malware can evade detection), 3) do not blindly execute any binaries the scanner flags; instead inspect or run them in a sandbox, and 4) if you rely on checksum verification, store and manage checksum manifests from trusted sources.

Review Dimensions

Purpose & Capability
ok: Name/description, included scanner.py, and the runtime instructions all align: the tool is a local static/heuristic scanner for skill packages and does not request unrelated resources or credentials.
Instruction Scope
note: SKILL.md tells the agent/user to run the scanner against skill directories or SKILL.md files. The scanner will open and analyze any path the user supplies (including arbitrary filesystem paths if given), which is expected for a scanner but means you should only point it at skill directories you intend to analyze.
Install Mechanism
ok: No install spec; it's instruction-only with a bundled Python script. Requiring python3 is proportional for a Python scanner and there are no external download/install steps.
Credentials
ok: No environment variables, credentials, or config paths are requested. The scanner only contains detection patterns for common secrets and does not itself require those secrets.
Persistence & Privilege
ok: always is false and there is no indication the skill attempts to persist, enable itself system-wide, or modify other skills. It runs on demand.