Back to skill
Skillv1.0.0
ClawScan security
OCT 助手 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 12, 2026, 11:46 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only helper that provides installation and usage docs for the OpenClaw Terminal (OCT) and does not ask for extra credentials or perform unexpected actions.
- Guidance
- This skill is documentation-only and appears internally consistent. Before installing the OCT desktop app linked in the guide, verify the GitHub repository and release (author identity, release notes, and checksums) and only install binaries from sources you trust. Be cautious granting any desktop app broad system-control permissions — review what OCT requests at first run and consider testing in a sandbox/VM if you have concerns.
Review Dimensions
- Purpose & Capability
- okThe name/description promise configuration templates and usage guidance for OCT; the SKILL.md content matches that purpose and does not request unrelated capabilities, binaries, or credentials.
- Instruction Scope
- okThe instructions are documentation-style (how to install via clawhub or from a GitHub release, usage tips, community links). They do not direct the agent to read system files, exfiltrate data, or access environment variables.
- Install Mechanism
- okThere is no install spec in the skill itself (instruction-only). The referenced download is a GitHub Releases URL (a normal release host). The skill does not embed or automatically install binaries.
- Credentials
- okNo environment variables, credentials, or config paths are required or referenced. This is proportionate for a documentation/help skill.
- Persistence & Privilege
- okalways: false and default model-invocation settings are used. The skill does not request permanent presence or modify other skills or system-wide settings.