Low Risk — Risk Score 15/100
Last scan: 2 days ago
Claude Code Enhancement
Multi-agent coordination framework for OpenClaw with memory, permission, workflow, and agent management capabilities
This is a legitimate multi-agent coordination framework with no malicious behavior. The skill implements Coordinator, Memory, Permission, Workflow, and Agent management without any suspicious file operations, network calls, credential harvesting, or hidden functionality.
Skill Name: Claude Code Enhancement
Duration: 39.6s
Engine: pi
Safe to install
The skill is safe to use. Minor documentation gaps exist (e.g., BYPASS permission mode mentioned in docs but not fully implemented), but these do not constitute security risks.

Findings 3 items

Severity: Low
Finding: Unnecessary subprocess import
coordinator.py imports subprocess module but never uses it. This creates a false impression of shell execution capability.
Code: import subprocess
Recommendation: Remove unused import to avoid confusion
Location: coordinator/coordinator.py:9

Severity: Low
Finding: Documentation scope mismatch
SKILL.md mentions 'bypass' permission mode but permission.py only implements DEFAULT, AUTO, and PLAN modes. BYPASS mode is referenced in check() but never exposed as a settable option.
Code: if self.mode == PermissionMode.BYPASS:
Recommendation: Either implement BYPASS mode fully or remove references from documentation
Location: permission/permission.py:60

Severity: Info
Finding: Memory directory auto-creation
MemorySystem automatically creates ~/.openclaw/workspace/memory/ on initialization. This is expected behavior for a memory persistence feature.
Code: self.memory_dir.mkdir(parents=True, exist_ok=True)
Recommendation: No action needed - this is documented behavior
Location: memory/memory.py:26

Resource | Declared | Inferred | Status | Evidence
Filesystem | NONE | WRITE | ✓ Aligned | memory.py writes to ~/.openclaw/workspace/memory/ for user preferences
Network | NONE | NONE | | No network operations found
Shell | NONE | NONE | | subprocess imported but never invoked
Environment | NONE | NONE | | No os.environ access for credential harvesting
Skill Invoke | NONE | NONE | | Internal module orchestration only
Clipboard | NONE | NONE | | No clipboard access
Browser | NONE | NONE | | No browser automation
Database | NONE | NONE | | No database operations

13 findings
Medium | External URL | https://img.shields.io/badge/OpenClaw-增强组件-blue?style=for-the-badge&logo=rocket | README.md:4
Medium | External URL | https://img.shields.io/badge/Version-1.0.0-green?style=for-the-badge | README.md:5
Medium | External URL | https://img.shields.io/badge/Python-3.12+-yellow?style=for-the-badge | README.md:6
Medium | External URL | https://img.shields.io/badge/版本-1.0.0-green?style=for-the-badge | SKILL.md:5
Medium | External URL | https://img.shields.io/badge/许可证-MIT-orange?style=for-the-badge | SKILL.md:7
Medium | External URL | https://streak-stats.demolab.com?user=ntaffffff&theme=dark&hide_border=true | SKILL.md:18
Medium | External URL | https://img.shields.io/badge/安全-企业级-red?style=for-the-badge | SKILL.md:74
Medium | External URL | https://img.shields.io/badge/记忆-永久保存-blue?style=for-the-badge | SKILL.md:110
Medium | External URL | https://img.shields.io/badge/进度-可视化-green?style=for-the-badge | SKILL.md:141
Medium | External URL | https://contributors-img.web.app/image?repo=ntaffffff/openclaw-claude-code-enhancement | SKILL.md:287
Medium | External URL | https://img.shields.io/badge/许可证-MIT-blue?style=for-the-badge | SKILL.md:307
Medium | External URL | https://img.shields.io/github/stars/ntaffffff/openclaw-claude-code-enhancement?style=social | SKILL.md:320
Medium | External URL | https://img.shields.io/github/forks/ntaffffff/openclaw-claude-code-enhancement?style=social | SKILL.md:323

File Tree

9 files · 75.4 KB · 2499 lines
Python 7f · 1903L Markdown 2f · 596L
├─ 📁 agent
│ └─ 🐍 agent_tool.py Python 263L · 7.9 KB
├─ 📁 coordinator
│ └─ 🐍 coordinator.py Python 197L · 6.2 KB
├─ 📁 memory
│ └─ 🐍 memory.py Python 303L · 9.1 KB
├─ 📁 permission
│ └─ 🐍 permission.py Python 245L · 7.7 KB
├─ 📁 workflow
│ └─ 🐍 workflow.py Python 286L · 9.1 KB
├─ 🐍 main.py Python 215L · 6.9 KB
├─ 🐍 nlp_parser.py Python 394L · 12.2 KB
├─ 📝 README.md Markdown 266L · 6.6 KB
└─ 📝 SKILL.md Markdown 330L · 9.7 KB

Dependencies 4 items

Package | Version | Source | Known Vulns | Notes
json | builtin | stdlib | No | Standard library only
uuid | builtin | stdlib | No | Standard library only
asyncio | builtin | stdlib | No | Standard library only
pathlib | builtin | stdlib | No | Standard library only

Security Positives

✓ No credential harvesting - no access to ~/.ssh, ~/.aws, .env, or similar sensitive paths
✓ No network exfiltration - no external IP connections or data transmission
✓ No shell execution - subprocess imported but never called
✓ No base64/eval obfuscation - all code is readable plaintext
✓ No hidden instructions in HTML comments or elsewhere
✓ No curl|bash or wget|sh remote script execution
✓ No data theft patterns (iterating os.environ for keys)
✓ Filesystem writes are limited to user preference storage (~/.openclaw/workspace/memory/)
✓ No suspicious GitHub URLs pointing to credential harvesting repos