Back to skill
Skillv1.0.0
ClawScan security
Multi-Agent Manager · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 14, 2026, 8:48 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions are consistent with its stated purpose (monitoring and visualizing OpenClaw agents) and do not request unrelated credentials or unusual installs.
- Guidance
- This skill appears to be what it says: a set of small Python scripts that call the local 'openclaw' CLI to list agents, sessions, and statuses and to send messages between agents. Before installing, confirm you trust the 'openclaw' CLI on your system (it is the component that actually has access to agent state and any credentials). Be aware the scripts will print workspace paths and session data to stdout, so avoid running them in environments where that output could leak sensitive information. If you do not want autonomous invocation, disable model invocation for the skill in your agent settings. Review communicate.py before use, since it will send messages via the CLI to agents and could cause actions in your agent network.
Review Dimensions
- Purpose & Capability
- okName/description claim monitoring and visualization of agents; scripts call the 'openclaw' CLI to list agents, sessions, status, send messages, and format JSON — this is coherent with the stated purpose. No unrelated env vars or binaries are requested.
- Instruction Scope
- okSKILL.md instructs running the included Python scripts (monitor.py, visualize.py, track-flow.py, communicate.py). Those scripts only invoke the 'openclaw' CLI and print/format its JSON output. There is no instruction to read arbitrary system files, exfiltrate data, or call external endpoints beyond the OpenClaw CLI.
- Install Mechanism
- noteNo install spec is provided (instruction-only), which is low risk. The package does include Python scripts (will be executed from the skill directory). Nothing is downloaded or extracted at install time. Note: ensure the scripts are executed from a trusted location.
- Credentials
- okThe skill does not declare or require any environment variables or secrets. It relies on the local 'openclaw' CLI; any credentials/access needed are those used by that CLI, not requested explicitly by the skill.
- Persistence & Privilege
- okalways is false and the skill is user-invocable. disable-model-invocation is false (normal default). The skill does not modify other skills or system-wide configs.