Low Risk — Risk Score 15/100
Last scan: 20 hr ago
clawpacker
Use when exporting, importing, packaging, cloning, restoring, or moving an OpenClaw agent between machines or instances
This is a minimal redirect/pointer skill that delegates to a remote GitHub source but contains no executable code or malicious functionality locally.
Skill Name: clawpacker
Duration: 25.1s
Engine: pi
Safe to install
The skill is functionally inert as delivered. Before use, verify the canonical GitHub source (cogine-ai/clawpack) is trusted and the fetched content is reviewed. Consider embedding the actual implementation locally for transparency.

Findings 2 items

Severity: Low
Finding: Incomplete capability declaration [Doc Mismatch]
The skill instructs users to fetch remote content from GitHub but does not declare network access as a required capability. The actual capabilities depend entirely on the fetched canonical SKILL.md.
https://raw.githubusercontent.com/cogine-ai/clawpack/master/skills/clawpacker/SKILL.md
→ Add an allowed-tools section declaring network:READ if this skill will fetch remote content.
Location: SKILL.md:14

Severity: Low
Finding: External dependency on remote canonical source [Supply Chain]
The skill has no local implementation and defers all functionality to a remote GitHub source. If the remote source changes, the skill's behavior changes silently without version pinning.
The canonical instructions live in the `clawpack` repository and should be fetched fresh
→ Consider pinning to a specific commit hash or embedding the canonical implementation locally for reproducible behavior.
Location: SKILL.md:12

Resource | Declared | Inferred | Status | Evidence
Filesystem | NONE | NONE | | No file operations in SKILL.md
Network | NONE | READ | ✓ Aligned | SKILL.md instructs fetching remote URLs but doesn't declare network:READ

File Tree

1 file · 1.3 KB · 36 lines
Markdown 1f · 36L
└─ 📝 SKILL.md Markdown 36L · 1.3 KB

Security Positives

✓ No executable code present in the delivered skill
✓ No credential access or harvesting attempts
✓ No obfuscated or base64-encoded content
✓ No sensitive path access (.ssh, .env, etc.)
✓ GitHub URLs point to a seemingly legitimate repository structure