skill sec
Pass
Audited by ClawScan on May 10, 2026.
Overview
The skill is a purpose-aligned security scanner, but it sends skill metadata and optionally selected skill source files to Clawned, so users should review its privacy and trust implications.
This skill appears coherent for its security-dashboard purpose. Before installing, make sure you trust Clawned, use a dedicated API key, understand that explicit scans upload selected skill files, and enable the cron sync only if you want recurring inventory updates.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A selected skill's source/configuration files may leave the local machine during an explicit scan.
The skill can upload source files from a user-specified skill directory to the provider. This is disclosed and purpose-aligned for cloud security analysis, but users should not scan directories containing secrets they do not want uploaded.
During `scan --path` (explicit user action only): ... File contents are sent to the Clawned server for security analysis
Use `scan --path` only on skill directories you are comfortable sending to Clawned, and review files for embedded secrets first.
Whoever controls the configured Clawned server receives the API key in authorization headers.
The script uses a Clawned API key as a bearer token for dashboard API requests. This is expected for the integration, with no evidence of hardcoded keys or unrelated transmission.
headers={"Authorization": f"Bearer {CLAWNED_API_KEY}", "Content-Type": "application/json"}
Use a dedicated Clawned API key and keep `CLAWNED_SERVER` set only to a trusted endpoint.
The skill process can access the local OpenClaw configuration file while inventorying skills.
The script reads the OpenClaw config file to discover extra skill directories. The code shown uses only the `extraDirs` list and does not transmit the config, but this file may contain other sensitive OpenClaw configuration.
cfg = json.load(open(os.path.join(home, ".openclaw", "openclaw.json")))
for d in cfg.get("skills", {}).get("load", {}).get("extraDirs", []):
Confirm you trust the skill before running sync, and avoid storing unnecessary secrets in OpenClaw config where possible.
Clawned may receive basic device-identifying information in addition to installed-skill metadata.
The code sends the hostname and OS platform during first registration. This is plausible for an agent dashboard, but the SKILL.md privacy section states that sync sends only skill metadata, so users should be aware that this device metadata is also transmitted.
api_request("/api/skills/agent/register", {"hostname": platform.node(), "os_platform": platform.system().lower()})
Install only if you are comfortable sharing hostname and OS information with Clawned; the publisher should disclose this explicitly in the privacy section.
If the cron example is installed, the skill will periodically sync inventory data to Clawned.
The skill documents an optional recurring sync job. It is user-configured rather than hidden, but it creates ongoing background communication if enabled.
Schedule every 6 hours via OpenClaw cron
Enable the cron job only if you want recurring cloud sync, and remove the job to stop automatic updates.
Users have less provenance information for independently verifying the published script.
The registry metadata does not identify a source repository. This is a provenance limitation, especially for a security tool that contacts an external dashboard.
Source: unknown
Prefer installing from a publisher and source location you trust, and review the local script before providing an API key.
