Security Checker
by @johstracke
Security scanner for Python skills before publishing to ClawHub. Use before publishing any skill to check for dangerous imports, hardcoded secrets, unsafe file operations, and dangerous functions like eval/exec/subprocess. Essential for maintaining trust and ensuring published skills are safe for others to install and run.
clawhub install security-checkerπ About This Skill
name: security-checker description: Security scanner for Python skills before publishing to ClawHub. Use before publishing any skill to check for dangerous imports, hardcoded secrets, unsafe file operations, and dangerous functions like eval/exec/subprocess. Essential for maintaining trust and ensuring published skills are safe for others to install and run.
Security Checker
Security scan Python skills before publishing to ensure code safety.
Quick Start
security_scan.py
Examples:
# Scan a single Python file
security_scan.py scripts/my_script.pyScan an entire skill directory
security_scan.py /path/to/skill-folderScan multiple skills
security_scan.py skills/
What It Checks
Dangerous Imports
Detects imports that could be used maliciously:os - System-level operationssubprocess - Command executionshutil - File operationssocket - Network operationsurllib / requests - HTTP requestsWhy dangerous? These imports enable system command execution, file manipulation, and network access that could be exploited.
Dangerous Functions
Detects potentially unsafe function calls:os.system() - Executes shell commandssubprocess.call(), subprocess.run(), subprocess.Popen() - Command executioneval() - Executes arbitrary codeexec() - Executes arbitrary codeWhy dangerous? These can execute arbitrary commands or code, leading to remote code execution vulnerabilities.
Hardcoded Secrets
Detects tokens, keys, and passwords:Why dangerous? Secrets leaked in published code can be stolen and abused.
Unsafe File Operations
Detects risky file access patterns:..)Why dangerous? Could lead to unintended file access, data loss, or system modification.
Usage Pattern: Pre-Publish Checklist
Before publishing any skill:
# 1. Run security scan
security_scan.py /path/to/skill2. Review any warnings
If warnings appear, fix the code or document why it's safe
3. Re-scan after fixes
security_scan.py /path/to/skill4. Only publish if scan passes
clawhub publish /path/to/skill --slug my-skill ...
Interpretation of Results
β "No security issues found"
Code appears safe. Proceed with publishing.β οΈ "Warning" (Yellow)
Potentially risky pattern detected. Review the specific line and decide:π΄ "Possible hardcoded secret"
Secret detected. Before publishing:os.getenv('API_KEY')Examples
Legitimate os module usage (documented)
import os # Used only for path.join() - safe file path construction
workspace = os.path.join(os.path.expanduser("~"), ".openclaw", "workspace")
Scan result: β οΈ Warning about os import Action: Document safe usage pattern in code comments
Hardcoded secret (must fix)
API_KEY = "sk-1234567890abcdef" # DON'T DO THIS
Scan result: π΄ Possible hardcoded secret Action: Remove and use environment variable:
API_KEY = os.getenv("MY_SKILL_API_KEY")
Document in SKILL.md: Requires MY_SKILL_API_KEY environment variable
Safe pattern (no issues)
# JSON storage for local data only
data = {"notes": [], "metadata": {}}
with open("data.json", "w") as f:
json.dump(data, f)
Scan result: β No issues
Best Practices
1. Always scan before publishing - Make it part of your workflow 2. Review warnings manually - The scanner can't judge context 3. Use environment variables for secrets - Never hardcode 4. Prefer json over eval - Safe parsing vs code execution 5. Document necessary risks - If dangerous code is required, explain why 6. Minimize dangerous imports - Only use what's truly necessary 7. Keep code simple - Complex code is harder to audit
Integration with Development Workflow
Before committing to repo
# Pre-commit hook concept
python3 /path/to/security_scan.py scripts/
if [ $? -ne 0 ]; then
echo "β Security scan failed. Fix issues before committing."
exit 1
fi
Automated pre-publish check
#!/bin/bash
publish-safe.sh
SKILL_PATH=$1
echo "π Running security scan..."
python3 /path/to/security_scan.py "$SKILL_PATH"
if [ $? -ne 0 ]; then
echo "β Cannot publish: Security scan failed"
exit 1
fi
echo "β
Security scan passed"
clawhub publish "$SKILL_PATH"
Limitations
This scanner:
Complement with:
bandit, safetyTrust Building
Publishing skills that pass security scans builds trust in the community:
Examples of Published Skills (All Scanned)
# research-assistant
security_scan.py /home/ubuntu/.openclaw/workspace/skills/research-assistant
β
All clear
task-runner
security_scan.py /home/ubuntu/.openclaw/workspace/skills/task-runner
β
All clear
security-checker
security_scan.py /home/ubuntu/.openclaw/workspace/skills/security-checker
β
All clear
All three skills passed security scans before publishing to ClawHub.
π‘ Examples
Legitimate os module usage (documented)
import os # Used only for path.join() - safe file path construction
workspace = os.path.join(os.path.expanduser("~"), ".openclaw", "workspace")
Scan result: β οΈ Warning about os import Action: Document safe usage pattern in code comments
Hardcoded secret (must fix)
API_KEY = "sk-1234567890abcdef" # DON'T DO THIS
Scan result: π΄ Possible hardcoded secret Action: Remove and use environment variable:
API_KEY = os.getenv("MY_SKILL_API_KEY")
Document in SKILL.md: Requires MY_SKILL_API_KEY environment variable
Safe pattern (no issues)
# JSON storage for local data only
data = {"notes": [], "metadata": {}}
with open("data.json", "w") as f:
json.dump(data, f)
Scan result: β No issues
π Tips & Best Practices
1. Always scan before publishing - Make it part of your workflow 2. Review warnings manually - The scanner can't judge context 3. Use environment variables for secrets - Never hardcode 4. Prefer json over eval - Safe parsing vs code execution 5. Document necessary risks - If dangerous code is required, explain why 6. Minimize dangerous imports - Only use what's truly necessary 7. Keep code simple - Complex code is harder to audit