Skill v1.0.1
ClawScan security
Give eyes to your openclaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 27, 2026, 4:07 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions are consistent with its stated purpose (capturing and analyzing screen/audio via an MCP agent) but there are a few implementation and data-flow details you should verify before installing.
- Guidance: This skill appears to do what it advertises, but check these things before installing: (1) Confirm the 'eye2byte' package source on PyPI/GitHub matches the SKILL.md links and review the repo/readme for maintainership and recent releases. (2) Be aware that although captures are claimed to be local, configuring a remote SSE transport or a third-party vision API will send images/audio off the machine; only enable those if you trust the destination. (3) Treat EYE2BYTE_MCP_TOKEN like any secret; check where it's stored (openclaw.json) and rotate it if you stop using the service. (4) Because the installer creates a binary, consider installing in a controlled environment first (or review the package contents) if you run this on sensitive systems.
Review Dimensions
- Purpose & Capability (ok): Name, description, and declared requirements (python, ffmpeg, EYE2BYTE_MCP_TOKEN) align with a screen-capture/recording tool that runs locally and exposes an MCP endpoint. The primary credential (MCP token) is appropriate for remote SSE transport.
- Instruction Scope (note): SKILL.md instructs local captures and local storage (~/.eye2byte/output/) which fits the stated purpose. However it explicitly allows using an external 'vision model API the user configured' and remote SSE transport; those configurations would cause captures and transcriptions to be sent off-machine. The file also states the token is stored in openclaw.json; reading/writing agent config is expected but worth noting.
- Install Mechanism (note): The install spec uses a 'uv' package named eye2byte that creates an 'eye2byte' binary. SKILL.md references a GitHub repo and PyPI project, so installing a package is consistent, but any install that extracts or installs binaries writes code to disk; verify the package source (PyPI/GitHub) and integrity before installing.
- Credentials (ok): Only one required environment variable (EYE2BYTE_MCP_TOKEN) is listed and it matches the described remote transport use-case. No unrelated secrets or config paths are requested.
- Persistence & Privilege (ok): 'always' is false and model invocation is disabled (skill is user-invocable only), so the skill cannot autonomously run. It stores its own outputs under a user path and the MCP token in openclaw.json as described; this is within expected behavior.
