clawauth
Enables agents to request OAuth access asynchronously, enhancing user experience while securely managing API tokens.
Install this skill
or
8/100
Security score
The clawauth skill was audited on Feb 18, 2026 and we found 8 security issues across 2 threat categories, including 6 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
high line 3
Access to system keychain/keyring
SourceSKILL.md
| 3 | description: Let agents request OAuth access from end users via short links, continue working asynchronously, and later claim reusable third-party API tokens from local keychain storage instead of a c |
high line 20
Access to system keychain/keyring
SourceSKILL.md
| 20 | - CLI claims once and stores token locally in system keychain. |
high line 187
Access to system keychain/keyring
SourceSKILL.md
| 187 | - `storedInKeychain` |
high line 188
Access to system keychain/keyring
SourceSKILL.md
| 188 | - `keychainService` |
high line 189
Access to system keychain/keyring
SourceSKILL.md
| 189 | - `keychainAccount` |
high line 212
Access to system keychain/keyring
SourceSKILL.md
| 212 | - Tokens stored locally in OS keychain via CLI. |
low line 4
External URL reference
SourceSKILL.md
| 4 | metadata: {"openclaw":{"emoji":"🔐","homepage":"https://auth.clawauth.app","requires":{"bins":["clawauth"]},"install":[{"id":"node","kind":"node","package":"clawauth","bins":["clawauth"],"label":"Inst |
low line 71
External URL reference
SourceSKILL.md
| 71 | - `https://auth.clawauth.app` |
Scanned on Feb 18, 2026
View Security DashboardGitHub Stars 2.2K
Rate this skill
Categorysales
UpdatedApril 4, 2026
openclawapisdrcustomer-success-managertechnical-supportsales-engineerbusiness-developmentnotiongithubdiscordlinearairtableasanatrelloslackgitlabfigmabitbucketsalessupport
openclaw/skills