openclaw

The skill is coherent with its stated purpose and uses an official install path, so it does not look malicious. However, OpenClaw’s purpose itself is high risk: it bridges untrusted external content into AI agents, stores channel tokens locally, supports webhook-triggered execution, sub-agents, and scheduled outbound messaging. This should be classified as BENIGN in intent but HIGH security risk in operation.