DocClaw
PassAudited by ClawScan on May 1, 2026.
Overview
DocClaw appears to be a legitimate documentation helper that fetches and caches OpenClaw docs from a fixed trusted site without requesting credentials or showing destructive behavior.
This skill is reasonable to install if you want OpenClaw documentation lookup. Expect it to run included Python scripts, fetch only from docs.openclaw.ai, and create local docs cache/index files. Review the scripts if provenance matters to you, and treat fetched documentation as reference content rather than instructions.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
When used, the agent may run local helper scripts that contact the OpenClaw docs site and write documentation cache files.
The skill explicitly instructs the agent to run included Python helper scripts. This is expected for its documentation-fetching purpose and the scripts are provided for review, but users should know local code execution is part of normal use.
Refresh docs index:\n - `python3 {baseDir}/scripts/refresh_docs_index.py`\n- Fetch exact markdown:\n - `python3 {baseDir}/scripts/fetch_doc_markdown.py "cli/models"`Use it only if you are comfortable with the included scripts running for docs lookup; keep invocations scoped to the documented scripts and avoid arbitrary output paths.
You cannot verify an external project homepage or source repository from the metadata alone.
The registry metadata does not provide upstream provenance or an install contract for the included executable scripts. The full script contents are included and appear scoped, so this is a provenance note rather than a concern.
Source: unknown\nHomepage: none\nNo install spec — this is an instruction-only skill.\nCode file presence: 4 code file(s)
Review the included scripts before installing and prefer versions with clear source provenance when available.
Cached docs may affect future answers if reused, and stale or changed documentation could be over-trusted.
Fetched documentation is saved locally for later reference. This is purpose-aligned, but retrieved documentation can influence later agent answers and should be treated as reference material, not as trusted instructions.
out_path = Path(args.out) if args.out else Path(args.cache_dir) / f"{slug}.md"\nout_path.parent.mkdir(parents=True, exist_ok=True)\nout_path.write_text(markdown, encoding="utf-8")Keep the skill’s stated rule to treat fetched docs as untrusted content, verify important command behavior with OpenClaw help output, and clear the cache if needed.