Skill v1.0.0

ClawScan security

Openclaw Skill Vetter 1.0.0 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 8, 2026, 2:50 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is an instruction-only vetting checklist that asks for reasonable tooling (curl, jq) and limits its actions to reading and reporting on skill files — its requirements and instructions align with its stated purpose.
Guidance
This skill is a sensible, instruction-only vetting checklist and appears internally consistent. Before relying on it:
1) manually review this SKILL.md (a vetter is a meta-tool — it must itself be trusted);
2) never execute downloaded skill files — only read them;
3) treat its automated checks as advisory and perform manual code review for anything classified MEDIUM+ or HIGH;
4) if you plan to let an agent run this autonomously, require a human review step before installing any skill flagged as SAFE by the vetter.
If you want extra caution, inspect any referenced integrations (zero-trust-protocol, drift-guard) because they are mentioned but not described or required by this package.

Review Dimensions

Purpose & Capability
ok · Name, description, and runtime instructions align: this is a vetting/checklist skill and it only requires curl and jq to perform GitHub/HTTP checks and JSON parsing. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
ok · SKILL.md explicitly instructs the agent to download skill packages to a temporary directory and read all files for red flags, and shows curl/jq commands to query GitHub — these actions are within a vetter's scope. Recommendation: the skill should explicitly warn against executing any downloaded code (it currently shows reading/cat commands but does not repeat 'never run code' emphatically).
Install Mechanism
ok · No install spec and no code files — instruction-only. This minimizes on-disk persistence and the attack surface. The use of curl/jq (declared) is proportionate and expected.
Credentials
ok · No environment variables, credentials, or config paths are requested. The declared requirements (curl, jq) are directly used by the quick-vet commands in SKILL.md and are proportionate to the purpose.
Persistence & Privilege
ok · always is false and the skill does not request persistent presence or elevated privileges. It does not modify other skills' configs or ask for system-level changes in its instructions.