openclaw-extend

BENIGN with elevated operational risk. The skill is internally consistent with its stated purpose as an OpenClaw extension operator, and the referenced CLI behavior matches official OpenClaw documentation. The main concerns are proportional but significant: broad plugin/hook supply-chain exposure, transitive trust in third-party extensions, and powerful remote node actions with real-world consequences. This looks like a legitimate admin skill rather than malware, but it should be treated as high-trust infrastructure tooling.