Skillv1.0.1

ClawScan security

Openclaw Troubleshoot Cn · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 14, 2026, 9:32 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only Chinese troubleshooting guide for OpenClaw and its commands and requirements are consistent with that purpose, but several suggestions are destructive or sensitive and should be used with caution.
Guidance: This skill is a straightforward Chinese troubleshooting guide and appears coherent with its stated purpose. Before running any commands: 1) Review each command line-by-line and understand it — several commands are destructive (kill -9, db reset, config reset, chown) and can cause data loss or system changes. 2) Back up data (e.g., cp ~/.openclaw/data ...) before resetting or deleting anything. 3) Replace placeholders (YOUR_TOKEN, YOUR_KEY) with your own tokens only when you trust the endpoint; do not paste secrets into untrusted places. 4) Prefer safer alternatives (stop services gracefully instead of kill -9) when possible. 5) The paid support contact information is external and not part of the platform — verify official OpenClaw support channels before paying or sharing access. 6) Although no automated installs or hidden endpoints are present, exercise normal operational caution: test risky commands in a safe environment or with backups in place.

Purpose & Capability: okName and description match the SKILL.md content. The file contains troubleshooting steps for installation, connectivity, model/API checks, logs, and database/config operations that are appropriate for an OpenClaw troubleshooting guide. The skill does not request unrelated credentials, binaries, or installs.
Instruction Scope: noteThe instructions are within scope for troubleshooting but include potentially destructive or sensitive commands (sudo chown on system paths, kill -9, openclaw db reset, openclaw config reset, and copying/removing ~/.openclaw data). It also shows curl examples that require user tokens and points to documentation/community links and a paid support contact. These are expected for troubleshooting, but they require user caution.
Install Mechanism: okNo install spec or code is included; this is instruction-only so nothing is written to disk by the skill itself.
Credentials: okThe skill declares no required environment variables or credentials. The commands reference tokens and keys in examples (Telegram bot token, API keys) which is normal for testing connectivity; no unexplained secrets are requested by the skill itself.
Persistence & Privilege: okalways is false and the skill does not request persistent system privileges or modify other skills or global agent configs. It references user files (~/.openclaw, ~/.npm) only in the context of troubleshooting.