v1.2.3

DeepthinkLite

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:29 AM.

Analysis

DeepthinkLite appears benign: it creates local research artifacts and includes clear permission and untrusted-source handling guidance, though users should notice that approved research may read local or web sources and save excerpts locally.

Guidance: This skill is reasonable to install if you want local research scaffolding. Before use, choose a safe output folder, approve only the specific local paths or web browsing you want the agent to access, and consider summary-only mode when working with sensitive or untrusted sources.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
DeepthinkLite assumes the agent may use tools for research:
- read local files / docs
- inspect source code
- browse the web / fetch URLs

But: before doing any web browsing or accessing non-obvious local paths, the agent must ask the user explicitly for permission

The skill permits potentially sensitive research tool use, but it is disclosed, purpose-aligned, and explicitly permission-gated.

User impact: If approved, the agent may inspect local files or browse the web as part of research.
Recommendation: Approve only specific paths, repositories, or browsing targets you are comfortable sharing with the agent.

Unexpected Code Execution
Severity: Info | Confidence: High | Status: Note
scripts/openclaw.plugin.json
"entrypoint": "bash",
"args": [
  "scripts/deepthinklite.sh"
]

Invoking the skill runs the included bash wrapper and Python script locally. The reviewed code only creates scoped research artifact files, so this is expected for the workflow.

User impact: Using the command will execute local script code and create files under the chosen output directory.
Recommendation: Use a safe output directory and review generated files, especially if your query includes sensitive information.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
SKILL.md
Every run produces two artifacts you can keep, diff, and reuse:

- `questions.md`
- `response.md`

... `--source-mode raw` (default): raw snippets allowed

The workflow intentionally persists research outputs, and the default mode can include raw untrusted source snippets. The skill also provides untrusted-content handling rules, which mitigates but does not remove the need for care.

User impact: Saved research files may contain your query, citations, and raw source excerpts that could be reused later.
Recommendation: Use `--source-mode summary-only` for sensitive or highly untrusted sources, and keep raw excerpts clearly labeled as untrusted.