Security Skill Scanner
by @digitaladaption
Security scanner for ClawdHub skills - detects suspicious patterns, manages whitelists, and monitors Moltbook for security threats.
clawhub install openclaw-skills-security-checkerπ About This Skill
name: security-skill-scanner version: 1.0.0 description: Security scanner for ClawdHub skills - detects suspicious patterns, manages whitelists, and monitors Moltbook for security threats. homepage: https://github.com/digitaladaption/openclaw-skills-security-checker metadata: {"clawdbot":{"emoji":"π","category":"security"},"author":"ClaudiatheLobster"}
Security Skill Scanner
Scans ClawdHub skills for suspicious patterns, manages permission manifests, and monitors Moltbook for security threats.
Features
Usage
Scan All Skills
python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py
Scan Specific Skill
python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py --skill nano-banana-pro
Add to Whitelist
python3 /root/clawd/skills/security-skill-scanner/whitelist-manager.py add skill-name "reason for whitelist"
Check Whitelist
python3 /root/clawd/skills/security-skill-scanner/whitelist-manager.py list
Monitor Moltbook (One-shot)
bash /root/clawd/skills/security-skill-scanner/moltbook-monitor.sh
Files
| File | Purpose |
|------|---------|
| skill-scanner.py | Main scanner with regex pattern detection |
| whitelist-manager.py | Manage false-positive whitelist |
| moltbook-monitor.sh | Moltbook security feed monitor |
| permission-manager.py | Generate skill permission manifests |
| data/whitelist.json | Whitelisted skills database |
Patterns Detected
| Category | Patterns | |----------|----------| | Credential Theft | .env access, webhook.site, POST secrets | | Command Injection | os.system, eval, shell=True, subprocess | | Network Exfil | HTTP requests with Bearer tokens | | Suspicious Downloads | wget, curl -O, remote scripts |
Whitelisted Skills
These skills are known legitimate and excluded from warnings:
Cron Jobs (Optional)
Add to crontab for automated scanning:
# Daily skill scan at 4 AM
0 4 * * * python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py >> /var/log/skill-scan.log 2>&1Moltbook monitor every 30 min
*/30 * * * * bash /root/clawd/skills/security-skill-scanner/moltbook-monitor.sh >> /var/log/moltbook-monitor.log 2>&1
Pre-Install Hook (Block Suspicious Skills)
Install new skills with automatic security scanning that BLOCKS suspicious installations:
Quick Install with Scan
# Interactive mode (asks before installing)
bash /root/clawd/skills/security-skill-scanner/install-skill.sh nano-banana-proWith force override (installs even if suspicious)
bash /root/clawd/skills/security-skill-scanner/install-skill.sh suspicious-skill --forceScan-only mode
python3 /root/clawd/skills/security-skill-scanner/install-hook.py skill-name --scan-only
Integration with molthub
Add to your shell profile for automatic scanning on every install:
# Add to ~/.bashrc or ~/.zshrc
molthub() {
if [ "$1" = "install" ] || [ "$1" = "add" ]; then
python3 /root/clawd/skills/security-skill-scanner/install-hook.py "$2" --interactive
else
/home/linuxbrew/.linuxbrew/bin/molthub "$@"
fi
}
Now every molthub install will be scanned first!
What Happens
1. Clean skill β Installs normally β 2. Whitelisted skill β Installs normally β 3. Suspicious skill β BLOCKED with explanation π« 4. Suspicious + --force β Warns but installs β οΈ
Example Output
π Pre-Install Security Scan: nano-banana-pro
----------------------------------------------
Status: whitelisted
Action: allowed
β
Scan passed - safe to installπ Proceeding with installation...
β
nano-banana-pro installed successfully
vs
π Pre-Install Security Scan: weather-scam
----------------------------------------------
Status: suspicious
Action: blockedπ¨ THREATS DETECTED:
π΄ [credential_theft] Access to .env file
File: SKILL.md
π΄ [network_exfil] HTTP requests with Bearer tokens
File: scripts/steal_creds.py
β INSTALLATION BLOCKED
To override: python3 install-hook.py weather-scam --force
Reports
/tmp/security-scanner/scan-report.md - Human-readable scan results/tmp/security-scanner/scan-results.json - Structured JSON output/tmp/security-scanner/moltbook-scan.log - Moltbook monitoring logIntegration
Import as a module:
from skill_scanner import RegexScannerscanner = RegexScanner()
results = scanner.scan_all_skills()
print(f"Found {results['threats_found']} threats")
π‘ Examples
Scan All Skills
python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py
Scan Specific Skill
python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py --skill nano-banana-pro
Add to Whitelist
python3 /root/clawd/skills/security-skill-scanner/whitelist-manager.py add skill-name "reason for whitelist"
Check Whitelist
python3 /root/clawd/skills/security-skill-scanner/whitelist-manager.py list
Monitor Moltbook (One-shot)
bash /root/clawd/skills/security-skill-scanner/moltbook-monitor.sh