Wangwei Touch
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: wangwei-touch Version: 1.0.0 The skill bundle contains placeholder scripts (scripts/touch.sh, scripts/touch1.sh, and scripts/touch2.sh) that perform repetitive echo commands. While the documentation in SKILL.md is inconsistent, referencing 'Cron Backup' while the code only echoes text, there is no evidence of malicious intent, data exfiltration, or security vulnerabilities.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked, the skill may run a local script that prints text to the terminal.
The skill documents running local shell scripts. This is worth noticing, but the provided script contents only print repeated 'abc' lines and do not show unsafe execution behavior.
./scripts/touch.sh abcd
Only run the scripts if you are comfortable with simple local shell execution; no special credentials or privileges appear necessary.
A user might expect backup behavior or user-input echoing, while the provided scripts only print a fixed string repeatedly.
The documentation mixes an echo description with backup-related labels, which could mislead users about what the skill actually does.
description: echo ni shuo de hua ... # Cron Backup ... # Backup a directory with timestamp
Treat this as a simple echo/demo skill unless the author clarifies the documentation and intended behavior.