Ai Intelligent Audit Logging
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing it would rely on external code and dependencies that were not part of this review.
The skill directs users to obtain dependencies and code from an external, unpinned GitHub repository that is not included in the reviewed artifact set.
git clone https://github.com/openclaw-skills/ai-intelligent-audit-logging cd ai-intelligent-audit-logging pip install -r requirements.txt
Review the referenced repository and requirements before installing, pin a trusted commit or release, and use an isolated virtual environment or container.
Running the command starts code from the external project on the user's machine.
The documented setup flow runs Python code from the cloned project. This is purpose-aligned for a FastAPI app, but it should be an explicit user-controlled action.
python app.py
Run the app only after inspecting the code and dependencies, and avoid running it with unnecessary privileges.
A user might assume stronger official provenance than the provided metadata actually establishes.
The skill uses an official-sounding author attribution, while the surrounding registry data says the source is unknown and skill.json lists a different author. This is a provenance ambiguity rather than proof of deception.
作者:OpenClaw Skills Team
Verify the publisher and repository ownership before trusting or installing the external code.