Skill Trust Decision

clawclone

ClawClone skill documents backup of API keys and tokens with cloud upload capability, but the implementation file (clawclone.mjs) is missing, making it impossible to verify actual behavior.

Install decision first
Source: Manual upload
Scanned: Apr 4, 2026
Files 2
Artifacts 3
Violations 2
Findings 4
Most direct threat evidence
High Doc Mismatch
Missing implementation file

SKILL.md references 'clawclone.mjs' for all operations, but this file does not exist in the skill directory. Unable to verify actual functionality.

SKILL.md:1

Why this conclusion was reached

3/4 dimensions flagged
Block
Declared vs actual capability

2 undeclared or violating capabilities were inferred.

Block
Hidden execution and egress

1 high-risk artifact or egress signal was extracted.

Block
Attack chain and severe findings

The report includes 0 attack-chain steps and 2 severe findings.

Pass
Dependencies and supply chain hygiene

Dependencies are present but no obvious high-risk issue stands out.

What drove the risk score up

Missing implementation file +15

SKILL.md references clawclone.mjs but file does not exist in repository

Documented credential backup +15

SKILL.md explicitly states 'Config: Optional: API keys and tokens' can be included in backups

Cloud upload with external API +10

CLAWCLONE_API_KEY enables cloud operations to clawclone.cc

Hardcoded API key placeholder +5

SKILL.md:209 shows API_KEY='your_clawclone_api_key' example

Most important evidence

High Doc Mismatch

Missing implementation file

SKILL.md references 'clawclone.mjs' for all operations, but this file does not exist in the skill directory. Unable to verify actual functionality.

SKILL.md:1
Request implementation files before using this skill. Cannot verify stated functionality without code.
High Credential Theft

Documented credential backup capability

SKILL.md explicitly states 'Config: Optional: API keys and tokens (if configured)' can be included in backups and uploaded to cloud.

SKILL.md:23
Remove credential backup capability or provide verifiable safeguards. Users should never back up credentials automatically.
Medium Doc Mismatch

Undeclared shell execution

SKILL.md documents node command execution but shell:WRITE permission is not declared in the metadata.

SKILL.md:6
Declare shell:WRITE permission if subprocess execution is required.
Low Sensitive Access

Hardcoded API key placeholder

SKILL.md contains example with hardcoded API key placeholder at line 209.

SKILL.md:209
Use placeholder text like <YOUR_API_KEY> instead of 'your_clawclone_api_key' to avoid accidental credential exposure.

Declared capability vs actual capability

Filesystem Pass
Declared WRITE
Inferred WRITE
SKILL.md:8 'write: ~/.openclaw/'
Network Block
Declared READ
Inferred WRITE
SKILL.md:9 'network: https' but upload operations implied
Shell Block
Declared NONE
Inferred WRITE
SKILL.md documents node clawclone.mjs execution

Suspicious artifacts and egress

High API Key
API_KEY="your_clawclone_api_key"

SKILL.md:209

Medium External URL
https://clawclone.cc

SKILL.md:3

Medium External URL
https://clawclone.cc/dashboard/settings

SKILL.md:49

Dependencies and supply chain

Package | Version | Source | Known vuln | Notes
node | >=16.0.0 | system | No | System dependency, not a package manager dependency

File composition

2 files · 231 lines
Markdown 1 file · 220 lines
JSON 1 file · 11 lines
Files of concern · 1
SKILL.md Markdown · 220 lines
Missing implementation file · Documented credential backup capability · Undeclared shell execution · Hardcoded API key placeholder · API_KEY="your_clawclone_api_key" · https://clawclone.cc · https://clawclone.cc/dashboard/settings
Other files · package.json

Security positives

SKILL.md is well-structured and documents functionality clearly
Test mode (--test flag) available for safe preview before operations
Local operations don't require an API key; cloud features are optional
Pre-restore backups created automatically at ~/.openclaw/backup