Trusted — Risk Score 5/100
Last scan: 1 day ago
AutoThink
Automatically adjust OpenClaw's thinking level based on message complexity with persistent session mode switching
AutoThink is a legitimate, dependency-free thinking-mode manager. Its only subprocess activity is spawning the openclaw binary, and no malicious indicators were found.
Skill Name: AutoThink
Duration: 43.3s
Engine: pi
Safe to install
No action needed. The skill is safe to use as designed.

Findings (2 items)

Severity: Info · Category: Doc Mismatch · Location: skill.json:3
Version string inconsistency
skill.json declares version '1.0.0' while _meta.json and SKILL.md declare '2.0.0'. This is a cosmetic documentation inconsistency with no security impact.
    "version": "1.0.0"
→ Unify version strings across all metadata files before release.
Severity: Info · Category: RCE · Location: src/cli.js:29
spawn with shell:true in CLI
cli.js uses child_process.spawn with shell:true to launch the openclaw binary. The arguments are passed as an array, but with shell:true Node does not hand that array to the child as argv: it joins the elements into a single command string and runs it through /bin/sh -c (cmd.exe on Windows), so shell metacharacters in any element are interpreted by the shell. Array construction therefore does not by itself rule out command injection. The finding stays informational only because every element of args is built from the skill's own documented flags rather than from message content or other untrusted input; if that ever changes, this line becomes a real injection sink.
    const proc = require('child_process').spawn('openclaw', args, { stdio: 'inherit', shell: true, env: { ...process.env } });
→ Remove shell:true. Without it, spawn passes each array element to the child unchanged (execve semantics), which is the protection the current code appears to rely on. If the option exists so that a Windows .cmd shim of openclaw can be launched, enable it only on win32 and validate every argument against an allow-list before spawning.
Resource  Declared  Inferred  Status  Evidence
Shell NONE WRITE ✓ Aligned cli.js:29 — spawns 'openclaw' binary with documented flags; this is the skill's …
Filesystem NONE NONE No filesystem access found in any source file
Network NONE NONE No network requests found
Environment NONE NONE process.env only read for OPENCLAW_SESSION_ID and AUTOTHINK_DEBUG, no secret enu…
Skill Invoke READ READ ✓ Aligned Engine exposes processMessage/analyzeComplexity as documented API
Clipboard NONE NONE No clipboard access
Browser NONE NONE No browser access
Database NONE NONE No database access

File Tree

9 files · 27.6 KB · 1110 lines
Markdown: 3 files · 486 lines · JavaScript: 3 files · 486 lines · JSON: 3 files · 138 lines
├─ 📁 src
│ ├─ 📜 cli.js JavaScript 180L · 4.9 KB
│ ├─ 📜 hook.js JavaScript 47L · 1.1 KB
│ └─ 📜 index.js JavaScript 259L · 7.3 KB
├─ 📋 _meta.json JSON 50L · 1.3 KB
├─ 📝 DESIGN_V2.md Markdown 164L · 4.0 KB
├─ 📋 package.json JSON 23L · 454 B
├─ 📝 README.md Markdown 129L · 2.6 KB
├─ 📋 skill.json JSON 65L · 1.3 KB
└─ 📝 SKILL.md Markdown 193L · 4.7 KB

Security Positives

✓ Zero third-party npm dependencies, so no package-level supply chain attack surface; the only external code the skill relies on at runtime is the openclaw binary resolved from PATH when it is spawned
✓ No credential harvesting or sensitive file/path access
✓ No network requests or data exfiltration
✓ No obfuscation, base64-encoded code, or anti-analysis techniques
✓ All subprocess execution is intentional (spawning openclaw) and documented
✓ Clean in-memory state management with no persistence to disk
✓ No hidden functionality — all behavior is readable in source files