openclaw-task-worker

SUSPICIOUS. The skill’s capabilities match its stated task-network purpose, but its data flow depends on a Supabase backend that could not be publicly verified as official OpenClaw infrastructure. Because it forwards worker credentials and enables autonomous external task actions through that undocumented endpoint, the overall risk is medium-high even without malware indicators.