Skill v0.1.2

ClawScan security

Openclaw Ui Designer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 6:04 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and runtime instructions align with a local UI-design helper: it requires no credentials, makes no network calls, and only reads a local config; minor documentation inconsistencies exist but nothing indicates malicious behavior.
Guidance
This package appears coherent and local-only. Before using: (1) Inspect the three scripts (they are short and readable) to confirm behavior meets your expectations; (2) Run simple commands (e.g., color-palette and design-consult) to verify no network activity on your system; (3) If you expect component-gen to write files, be aware the provided script only prints generated code — redirect output or modify the script if you want automatic file creation; (4) Never pass secrets or API keys as part of design requests (the tool doesn't need them).

Review Dimensions

Purpose & Capability
ok: Name/description (UI design helper) matches the included scripts (design-consult, color-palette, component-gen). No unrelated credentials, system paths, or binaries are requested.
Instruction Scope
note: Runtime instructions and SKILL.md stay within the design scope: scripts parse input, load a local config, and print suggestions or templates. Note: the SKILL.md and README state component-gen.py can optionally generate files to an output directory (and mention an --output parameter), but the component-gen.py in the package only prints generated code and does not implement an --output flag or file writing. Also SKILL.md documents the config path using an absolute ~/.openclaw path while scripts load the bundled config via a relative path; in typical installation layout these refer to the same file, but the discrepancy is documentation-only.
Install Mechanism
ok: No install spec (instruction-only install). All scripts are bundled in the package; nothing is downloaded or extracted at runtime.
Credentials
ok: The skill requests no environment variables or external credentials and does not access other config paths. It only reads the skill's own config file and command-line input, which is proportionate to its stated purpose.
Persistence & Privilege
ok: always:false and no persistent background behavior. The skill does not modify other skills or global agent settings. Scripts do not write files unless the user explicitly modifies scripts or redirects output (the provided component-gen prints to stdout).