feat(security): fail closed on dangerous skill installs

docs/cli/plugins.md

@@ -64,6 +64,11 @@ when the built-in scanner reports `critical` findings, but it does **not**
 bypass plugin `before_install` hook policy blocks and does **not** bypass scan
 failures.
 
+This CLI flag applies to `openclaw plugins install`. Gateway-backed skill
+dependency installs use the matching `dangerouslyForceUnsafeInstall` request
+override, while `openclaw skills install` remains a separate ClawHub skill
+download/install flow.
+
 `plugins install` is also the install surface for hook packs that expose
 `openclaw.hooks` in `package.json`. Use `openclaw hooks` for filtered hook
 visibility and per-hook enablement, not package installation.

docs/cli/skills.md

@@ -34,3 +34,7 @@ openclaw skills check
 `search`/`install`/`update` use ClawHub directly and install into the active
 workspace `skills/` directory. `list`/`info`/`check` still inspect the local
 skills visible to the current workspace and config.
+
+This CLI `install` command downloads skill folders from ClawHub. Gateway-backed
+skill dependency installs triggered from onboarding or Skills settings use the
+separate `skills.install` request path instead.