openclaw-behavior-plan

Pass. Audited by ClawScan on May 1, 2026.

Overview

This is an instruction-only planning skill that may describe powerful tool actions, but the artifacts do not show hidden execution, credential use, persistence, or data exfiltration.

This skill appears safe as a planning aid, but users should treat its output as a draft plan: check any proposed shell commands, file writes, account actions, or third-party posts before allowing another agent to execute them.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If a generated plan is later executed without review, it could lead another agent to perform file, shell, or third-party service actions.

Why it was flagged

The skill can generate plans that name powerful tools such as file write and shell execution, but it frames them as plan steps and explicitly calls for user confirmation on sensitive operations.

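Skill content

Need to read/write files → `read_file` / `write_file`; need to execute scripts → `execute_shell`; need third-party services → the corresponding skill ... if sensitive operations are involved ... mark as "requires user confirmation"

Recommendation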

Review generated plans before execution, and require explicit approval for shell commands, file modifications, messages, account changes, or other irreversible actions.