OpenClaw Skill Reviewer

Verdict: Suspicious. Audited by ClawScan on May 10, 2026.

Overview

The skill is a coherent OpenClaw skill-review checklist, but it tells the agent to test scripts from skills under review without sandboxing or approval guidance.

Use this skill cautiously for untrusted skills: keep the review read-only at first, do not run reviewed scripts until you have inspected them, and execute any tests only in a sandbox with explicit user approval.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (High Confidence)
ASI05: Unexpected Code Execution
What this means

A malicious or buggy reviewed skill script could modify local files, call the network, or run arbitrary code in the user's environment.

Why it was flagged

The skill tells the agent to execute scripts from the skill being reviewed. Those reviewed scripts may be untrusted, and the artifacts do not require sandboxing, read-only mode, dry-run behavior, or explicit user approval before execution.

Skill content
**For skills with scripts:**
- Test scripts to ensure they work correctly
- Verify output matches expected format
- Check error handling
Recommendation

Inspect reviewed scripts first, show the exact command to the user, and run only with explicit approval in an isolated sandbox or temporary directory with minimal permissions.

What this means

Validation may fail on other systems or may run whatever local file exists at that path if the environment is not trusted.

Why it was flagged

The validation step is purpose-aligned, but it depends on a helper script outside the packaged artifacts at a hard-coded, user-specific local path.

Skill content
python3 /home/yupeng/.npm-global/lib/node_modules/openclaw/skills/skill-creator/scripts/package_skill.py <skill-path>
Recommendation

Use a trusted, official OpenClaw validator path or declared dependency, and verify the helper script source before running it.

What this means

Local agent configuration could influence the review context or reveal environment-specific details if loaded unnecessarily.

Why it was flagged

The skill may load a local persistent agent instruction/configuration file for comparison. This is related to the review purpose, but it should be treated as reference data rather than operational instructions.

Skill content
Example: If skill generates AGENTS.md templates, compare with `/home/yupeng/.openclaw/workspace/AGENTS.md`
Recommendation

Prefer sanitized official specifications for comparison, or load only the relevant sections and ignore any instructions as active commands.