No.0-skill
WarnAudited by ClawScan on May 11, 2026.
Overview
The skill mostly matches its stated security-monitoring purpose, but unexplained wallet/purchase/credential capability signals and installer provenance gaps mean it should be reviewed before use.
Review this skill carefully before installing. Ask the publisher to explain or remove the wallet/purchase/credential capability signals, provide the missing dispatcher files and a complete install specification, pin dependencies, and let you inspect heartbeat_processor.py. If you proceed, start the background monitor/cron only intentionally and protect or periodically clean the ~/.openclaw/no0 runtime data.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If those capability signals are accurate, the skill may request authority over credentials, wallets, or purchases beyond what a local safety monitor should need.
Wallet, purchase, and sensitive-credential capabilities are high-impact and are not explained or scoped by the visible safety-monitoring purpose or credential declarations.
Capability signals: crypto; requires-wallet; can-make-purchases; requires-sensitive-credentials ... Primary credential: none
Do not grant wallet, payment, or credential authority unless the publisher clearly explains the exact need, scope, and safeguards; remove those capabilities if they are not required.
Installation may fail, or users may end up relying on launcher code that was not included for review.
The installer depends on dispatcher files that are not present in the supplied manifest, so the main executable path is either missing or not reviewable in the provided artifacts.
cp "$SRC_DIR/no0" "$TARGET/" cp "$SRC_DIR/no0.command" "$TARGET/" cp "$SRC_DIR/no0.ps1" "$TARGET/"
Require the publisher to include all referenced dispatcher files in the manifest and provide a complete install spec or hashes before installation.
Dependency updates could introduce compatibility or supply-chain risk over time.
The DLC installer uses pip with lower-bound dependency versions, so future package versions can change behavior; this is disclosed and purpose-aligned but not pinned.
PyYAML>=6.0 cryptography>=41.0 keyring>=24.0
Prefer pinned versions or a lockfile, especially because the DLC handles authentication, keyring, and sensitive-file classification.
The skill can continue monitoring and generating events after setup until the user stops or uninstalls it.
The skill is designed to keep running and periodically monitor agent identity files; this persistence is disclosed and central to the stated purpose.
30-second polling of all six cognitive files ... Conditional triggering via OpenClaw Cron
Start the monitor and cron/event handler only if you want ongoing protection, and verify that stop/uninstall commands work in your environment.
Sensitive information about your agent state and local files may remain in No.0 runtime storage even after events are processed.
The skill persists backups, events, audit records, and classification state that may include sensitive agent memory, user preferences, or file metadata.
~/.openclaw/no0/
├── events/
├── backups/
└── dlc/
├── audit.csv
├── classification.dbReview what is stored under ~/.openclaw/no0, protect that directory, and confirm retention/cleanup behavior before using it with sensitive data.
A mistyped target directory could delete more than intended.
The documentation includes destructive deletion commands, but they are scoped to uninstalling the skill's install/runtime directories and are not automatically executed.
Uninstall = stop, then `rm -rf <target_dir>` and optionally `rm -rf ~/.openclaw/no0/`.
Verify the target path before running rm -rf, and prefer a safer uninstall script with path checks and confirmation.