openclaw

Fail

Audited by Socket on Mar 11, 2026

1 alert found:

Obfuscated File (HIGH)
SKILL.md

The skill aims to manage OpenClaw registry interactions for searching and installing skills, which inherently involves executing code from a remote registry and performing transitive installations. While the described workflow is plausible for a registry-backed skill manager, it introduces non-trivial security risks: remote code execution during installation, reliance on an unverified external registry, and automatic integration of newly installed skills into the agent’s prompts without per-skill user consent. These patterns are inconsistent with a tightly-scoped, low-risk skill. Treat as SUSPICIOUS to HIGH-RISK (securityRisk ~0.6) until mitigations are in place (e.g., pinned registry sources, code-signing, per-skill review, explicit user approval before loading new skills).

Confidence: 98%
Audit Metadata
Analyzed At: Mar 11, 2026, 07:36 AM
Package URL: pkg:socket/skills-sh/ZHangZHengEric%2FSage%2Fopenclaw%2F@592da2a0f040f8ec54a05b686b872eed8ab4efd0