Skill v2.0.0
ClawScan security
OpenClaw Regex Engine · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 7, 2026, 2:11 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's declared capabilities (test, explain, build, browse, replace regexes) match what its SKILL.md asks for and it requests no credentials or installs — the package is internally coherent.
- Guidance: This skill appears to do what it says: regex testing, explanation, building, library lookup, and find/replace. Key things to consider before installing or using it: (1) It references an external MCP endpoint (a Cloudflare Workers URL). Any regex patterns and sample text you submit may be sent to that remote service — avoid sending secrets, passwords, API keys, or private data. (2) The homepage and worker domain do not clearly match the registry owner; if you need stronger assurance, verify the operator (GitHub repo, contact, or privacy policy) before using it for sensitive workloads. (3) Because it's instruction-only (no code files), the static scanner had nothing to analyze; review the skill's MCP/service host and privacy terms if you care about data retention. If you only need offline processing, consider local regex tools instead.
Review Dimensions
- Purpose & Capability (note): The skill claims only regex-related features and its SKILL.md contains matching commands (regex_test, regex_explain, regex_build, regex_library, regex_replace). It does not request binaries, env vars, or config paths, which is proportionate. One minor inconsistency: the SKILL.md includes an external MCP endpoint (https://regex-engine-mcp.yagami8095.workers.dev/mcp) and a homepage URL pointing to a GitHub repo (yedanyagamiai-cmd/openclaw-mcp-servers) that do not obviously match the published owner/slug; this is worth verifying but does not in itself contradict the stated purpose.
- Instruction Scope (ok): The instructions limit behavior to regex testing, explanation, building, library browsing, and find/replace. They do not instruct the agent to read arbitrary files, scan system paths, or exfiltrate unrelated environment variables. There is no vague 'gather any context you need' wording — activation triggers are well-scoped to regex-related user requests.
- Install Mechanism (note): There is no install spec (instruction-only), which is low risk. However, the SKILL.md references an external streamable-http MCP URL (a Cloudflare Workers domain). Using that remote service would cause user-submitted patterns and sample text to be sent to a third-party endpoint — verify the operator, privacy policy, and hosting before sending sensitive data.
- Credentials (ok): No environment variables, credentials, or config paths are requested. The SKILL.md explicitly states 'No API key needed for Free tier.' The lack of required secrets is proportional to the claimed functionality.
- Persistence & Privilege (ok): 'always' is false and there is no request to modify other skills or system configuration. The skill uses normal autonomous invocation defaults; there are no elevated or persistent privileges requested.
