Latest release: v0.1.38
Capabilities
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The skill's name, description, SKILL.md, and bundled installer script all consistently target installing/repairing Hirey Hi via the OpenClaw/ClawHub package path. However, the skill metadata declares no required binaries while the runtime flow and bundled script clearly expect an OpenClaw CLI and a Node.js environment (the script is a Node .mjs file and the SKILL.md instructs running `openclaw plugins install ...`). That mismatch (missing declared required binaries) is an incoherence to be aware of.
Instruction Scope
The SKILL.md stays within the installation/repair scope: it instructs a canonical package install (openclaw plugins install clawhub:hirey-openclaw-hi-install) followed by running the bundled host installer script. It explicitly directs the agent not to read unrelated local secrets or ask the user for tokens, and it relies on the installer to generate hooks tokens and write OpenClaw config. No instructions were found that attempt to read or transmit unrelated host data.
Install Mechanism
There is no platform-level install spec (instruction-only plus a bundled script), so nothing will be auto-downloaded by the skill package itself. The included installer script will likely run local commands (openclaw, npm) to install pinned npm packages into a user-writable vendor dir (~/.openclaw/vendor/hi). Fetching packages from the npm registry is part of normal behavior here but introduces normal network fetch risk; the script pins package names/versions which reduces ambiguity.
Credentials
The skill declares no required environment variables or credentials and the SKILL.md does not ask the user to provide secrets. The installer generates and writes local hooks tokens and config via OpenClaw commands rather than asking for global credentials. No unrelated cloud credentials or external secret requests were found.
Persistence & Privilege
The skill will modify host OpenClaw configuration and write state under user-scoped directories (e.g., ~/.openclaw/...), which is expected for an installer. always:false (not forcibly always-loaded) and there is no metadata requesting system-wide privileged persistence beyond normal installation files. The script will create a hooks token and write MCP/config state — that is required for operation but is a privileged action on the host, so run only on hosts you control.
Assessment
This skill is coherent with its purpose but review the following before installing:
1) Ensure the target host has the OpenClaw CLI and Node.js available (the metadata did not declare these binaries but the installer expects them).
2) The installer will run local commands (openclaw, npm) and fetch pinned npm packages into a per-user vendor directory (~/.openclaw/vendor/hi); verify you trust the hi.hireyapp.us default platform and the pinned @hirey packages.
3) The installer will generate and write a hooks bearer token and modify OpenClaw config — back up your OpenClaw config if you need to revert.
4) If you require a private Hi deployment or a different platform URL, do not use the skill as-is; the flow enforces Hirey's public default URL.
5) If you want to audit runtime behavior, inspect the included scripts (openclaw-host-installer.mjs) and consider running the canonical package install and the script manually in a test environment before allowing an autonomous agent to run it in production.