openclaw-config

The OpenClaw config skill is largely benign and coherent with its stated purpose of managing configuration, channels, and autopilot settings. However, the runbook frequently references sensitive credential stores and token fields in examples, and includes health-check commands that could reveal secrets if executed in insecure environments. The footprint is proportionate to a configuration-management/documentation tool, but the presence of credential-related guidance and potential exposure vectors means practitioners should enforce strict access controls, redaction, and avoid printing or sharing secrets. Overall, classify as BENIGN with caution (securityRisk moderate) and ensure operators follow redaction and least-privilege practices.