openclaw-control-center

SUSPICIOUS. The skill is broadly coherent with a local OpenClaw dashboard and keeps most data flows local, but it is published by a third-party repo, requires access to sensitive OpenClaw state/token files, and can perform gated write actions. This looks more like a medium-risk admin/integration skill than malware; risk comes from trust and credential scope rather than clear exfiltration.