Skill v1.0.0

ClawScan security

Kimiim · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 3:20 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill is an instruction-only adapter for a Kimi group-chat workflow, and its requested actions and file paths are consistent with that purpose. It assumes platform tooling and reads and writes workspace files, so verify those runtime details before trusting it.
Guidance
This skill appears internally consistent for handling Kimi group-chat interactions, but before installing: (1) confirm your platform actually provides the get-group / list-members / list-messages / send-message tools the instructions expect (the SKILL.md assumes those CLI/tool calls exist); (2) inspect the files at .openclaw/workspace/kimi-group-chat/{group-name}/memory.md and decide whether you're comfortable with the agent reading and writing them (these files could contain sensitive info, so determine retention and permissions accordingly); (3) because the skill has no homepage or known publisher, prefer using it in a restricted environment or with limited agent autonomy until you validate its behavior; and (4) ask the publisher for documentation of the expected runtime tools and storage policy if you need higher assurance.

Review Dimensions

Purpose & Capability
ok: The name/description match the instructions: the SKILL.md defines a Kimi group-chat workflow and uses Kimi-specific commands (get-group, list-members, list-messages, send-message). There are no unrelated environment variables, binaries, or installs requested.
Instruction Scope
note: The skill requires the agent to read and write group memory files under .openclaw/workspace/kimi-group-chat/{group-name}/memory.md and to call chat tool commands before acting. That is coherent for a group-chat skill, but it mandates disk reads/writes and relies on external tool commands being available; verify those files do not contain unrelated sensitive data and that the platform's Kimi tools behave as expected.
Install Mechanism
ok: No install spec and no code files (instruction-only): lowest install risk. The skill does assume Kimi CLI-like tools exist in the runtime environment, but it does not attempt to install anything itself.
Credentials
ok: The skill declares no environment variables, credentials, or external config paths. The only persistent artifact it instructs to use is a workspace path under .openclaw, which is proportionate given the group-memory purpose.
Persistence & Privilege
ok: Flags are default (no always:true). The skill requests writing/reading its own workspace-scoped files but does not request system-wide or other-skills configuration changes. Autonomous invocation is allowed by default (normal for skills).