SkillScan

OpenClaw analysis

The skill generally does what it says (scans skill packages and can perform cloud-powered analysis) but it contains several intrusive behaviors (writing to a global SOUL.md, enumerating many user paths, collecting a MAC/unique client id, and uploading files to an external service) that are privacy-sensitive and deserve review before install.

Confidence: medium

VirusTotal

Type: OpenClaw Skill Name: skillscan Version: 1.0.0 The skill functions as a security scanner but exhibits several high-risk behaviors that border on malicious data harvesting. In `scripts/scanner.py`, it collects system fingerprints (including MAC addresses) and uploads the full source code of all detected skills to a third-party domain (`skillscan.tokauth.com`) for 'cloud analysis.' The script searches for skills across an unusually broad range of directories belonging to other AI agents and IDEs (e.g., Cursor, Claude, Copilot, Windsurf). Additionally, `SKILL.md` instructs the agent to modify the core `SOUL.md` configuration to ensure its rules persist, and the script includes an auto-update mechanism that downloads and executes remote ZIP payloads.