Skill v1.0.52

ClawScan security

Ai Agent Builder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 16, 2026, 3:49 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions generally match an
Guidance
This skill appears to be an instruction-only template for creating and deploying agents using the 'openclaw' CLI and is broadly coherent with its description, but take care before using it:
1) The SKILL.md assumes you have the 'openclaw' CLI. Verify you have that tool from a trusted source (the skill metadata did not declare this dependency).
2) Integrating email, database, or other tools will require credentials and permissions later; do not provide secrets unless you trust the deployment target and understand what access the agent will get.
3) The skill has no homepage or provenance listed; prefer skills with clear authorship or documentation.
4) Test commands in a sandbox or staging environment first, limit agent permissions, and enable monitoring/alerts for agent actions.
If you want to install this, ask the author for a provenance link and explicit list of runtime dependencies and required credentials.

Review Dimensions

Purpose & Capability
note: The SKILL.md describes an AI Agent builder and shows CLI commands (openclaw run ai-agent-builder create/add-tool/deploy) that are coherent with the name and description. However, the skill metadata declares no required binaries even though the runtime instructions assume the presence of the 'openclaw' CLI; that's an omission. The listed tool integrations (search, email, database) make sense for this purpose, but they imply needing external credentials which the skill does not declare.
Instruction Scope
ok: Instructions are limited to example CLI commands and YAML/config samples. They do not instruct reading arbitrary host files, harvesting environment variables, or contacting unexpected external endpoints. The scope is focused on creating/configuring/deploying agents via the openclaw CLI.
Install Mechanism
ok: This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by the skill package itself. That is lower risk. However, runtime commands rely on external tooling (openclaw) which is not installed by the skill.
Credentials
note: The skill declares no required environment variables or credentials. In practice, integrating tools like email or databases will require credentials and permissions at deployment time; the SKILL.md does not document or request them. Monitor for later prompts that ask for secrets and ensure you only provide credentials to trusted systems.
Persistence & Privilege
ok: The skill is not always-enabled and is user-invocable; it does not request persistent presence or escalate privileges in the metadata. As an instruction-only skill it does not modify other skills or system settings itself.