Ai Intelligent Audit Logging
PassAudited by ClawScan on May 1, 2026.
Overview
The provided skill does not show malicious behavior, but it is mostly a setup stub that asks users to clone and run an unpinned external Python project.
Before installing, verify that the GitHub repository is the one you intend to trust, inspect its code and requirements, and run it in an isolated environment. If you use it for audit logs, remember those logs may contain sensitive business or user activity data.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing it would rely on external code and dependencies that were not part of this review.
The skill directs users to obtain dependencies and code from an external, unpinned GitHub repository that is not included in the reviewed artifact set.
git clone https://github.com/openclaw-skills/ai-intelligent-audit-logging cd ai-intelligent-audit-logging pip install -r requirements.txt
Review the referenced repository and requirements before installing, pin a trusted commit or release, and use an isolated virtual environment or container.
Running the command starts code from the external project on the user's machine.
The documented setup flow runs Python code from the cloned project. This is purpose-aligned for a FastAPI app, but it should be an explicit user-controlled action.
python app.py
Run the app only after inspecting the code and dependencies, and avoid running it with unnecessary privileges.
A user might assume stronger official provenance than the provided metadata actually establishes.
The skill uses an official-sounding author attribution, while the surrounding registry data says the source is unknown and skill.json lists a different author. This is a provenance ambiguity rather than proof of deception.
作者:OpenClaw Skills Team
Verify the publisher and repository ownership before trusting or installing the external code.