Skill v1.0.2

ClawScan security

can-ai-replace-me · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 19, 2026, 6:33 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
This instruction-only SOP-extraction skill is internally consistent with its description: it asks questions, generates AS-IS/TO-BE visualizations and OpenClaw configuration files, and does not request extra binaries, credentials, or install steps.
Guidance
This skill appears to do what it says: ask targeted questions, produce ASCII and optional Mermaid diagrams, and generate OpenClaw config files. Before installing/using it:
1) Review any generated SOUL/USER/AGENTS/TOOLS/HEARTBEAT/IDENTITY files carefully — do not blindly copy/overwrite your existing OpenClaw configs; back up current files first.
2) Avoid pasting secrets or credentials into the chat; the skill does not require API keys but user input could include sensitive data.
3) If the agent asks for your OpenClaw config directory or to write files, confirm the exact paths and verify file contents.
4) If you plan to deploy the generated skill artifacts into a production OpenClaw instance, test in an isolated environment first.

Review Dimensions

Purpose & Capability
ok: The name/description match the actual behavior: guided Socratic questioning to extract SOPs, produce AS-IS/TO-BE diagrams and a set of OpenClaw configuration files. There are no unexpected dependencies, env vars, or binaries declared.
Instruction Scope
note: Instructions remain within SOP extraction and artifact generation. Two points to note: (1) the skill produces configuration files and explicitly recommends copying them into the user's OpenClaw configuration directory (including an option to 'overwrite'), so users should be warned to back up existing configs before applying; (2) the skill suggests asking OpenClaw for the configuration directory path, which could prompt the agent to request or reveal filesystem paths — this is coherent with the task but worth caution.
Install Mechanism
ok: No install specification or external downloads — instruction-only. Nothing is written to disk by provided code (no code files), so no install risk from archives or remote URLs.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. The configuration-file outputs it generates are appropriate for the stated goal and do not require other secrets. The requested level of access is proportional to the purpose.
Persistence & Privilege
ok: 'always' is false and the skill is user-invocable. It does not request permanent presence or elevated privileges, nor does it instruct modifying other skills or global agent settings beyond guiding placement of generated OpenClaw config files.