Clawdex by Koi

The OpenClaw AgentSkills skill bundle 'clawdex' is designed to perform security checks on other ClawHub skills. Its primary function involves making `curl` requests to `https://clawdex.koi.security/api/skill/SKILL_NAME` to retrieve a security verdict, which is consistent with its stated purpose. It also uses `ls` to list installed skills in `~/.openclaw/skills/` or `~/.clawdbot/skills/` for auditing. While the `SKILL.md` contains instructions for the AI agent (e.g., to inform the user or seek approval for 'unknown' skills), these are security-positive directives that align with the skill's function and do not constitute malicious prompt injection. There is no evidence of data exfiltration, malicious execution, persistence, or other harmful behaviors.