Skill v1.0.0

ClawScan security

Openclaw Listing Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Mar 8, 2026, 12:22 PM)
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, docs, and install script are consistent with a listing-generator: it only writes files into the user's OpenClaw workspace and registers an agent; it does not request credentials or contact external hosts.
Guidance
This package appears coherent and low-risk, but take these precautions before running the installer:
1) Inspect the files (SKILL.md, AGENTS_SNIPPET.md, install.sh) yourself; they are small and readable.
2) Back up ~/.openclaw/workspace/AGENTS.md before running the script (it appends the agent snippet).
3) Run install.sh only if you expect an agent to auto-trigger on messages/images (the agent registers trigger rules and will respond to matching messages).
4) The skill does not request secrets or perform network installs, but verify you are comfortable with the upsell prompt and the enforced behaviour (always output AliExpress after Amazon) in AGENTS_SNIPPET.
5) If you prefer manual control, skip the script, manually copy SKILL.md, and review/merge AGENTS_SNIPPET.md into your AGENTS.md yourself.

Review Dimensions

Purpose & Capability
ok: Name/description (cross-border listing generator) match the included SKILL.md, examples, and AGENTS_SNIPPET. Required env vars/binaries are empty and the files only implement listing generation, formatting rules, and quality checks; nothing unrelated (no cloud creds, no unrelated service integrations).
Instruction Scope
note: Runtime instructions are narrowly scoped to collecting product fields, enforcing format rules, and producing Amazon/AliExpress outputs. The AGENTS_SNIPPET does enforce behavioral rules (e.g., 'always output AliExpress version after Amazon' and append an upsell prompt), which is marketing/behavioral scope beyond pure generation but coherent with the skill's purpose. The instructions do not direct the agent to read unrelated system files or environment secrets.
Install Mechanism
note: No network downloads or third-party package installs. The included scripts/install.sh copies SKILL.md and examples into ~/.openclaw/skills and appends AGENTS_SNIPPET.md to ~/.openclaw/workspace/AGENTS.md. That is a local file-write operation (no external executables fetched), which is low-risk but requires modifying a user config file.
Credentials
ok: The skill declares no required environment variables, no credentials, and no special config paths beyond the standard OpenClaw workspace. It mentions needing a vision-capable model at runtime (a usage note), but it does not request secrets or unrelated access.
Persistence & Privilege
note: always:false (no forced global inclusion). The install script appends an agent entry to AGENTS.md which registers trigger rules so the agent can be invoked automatically when matching messages arrive; this is expected for OpenClaw agents but is a persistent change to the user's workspace. The skill does not modify other skills or system-wide settings beyond adding its agent snippet.