🎁 Get the FREE AI Skills Starter Guide β€” Subscribe β†’
BytesAgainBytesAgain
πŸ¦€ ClawHub

Skill Security Scanner

by @suryast

Security audit tool for OpenClaw skills. Scans for credential harvesting, code injection, network exfiltration, obfuscation. ALWAYS run before installing any...

Versionv1.0.1
Downloads1,469
Stars⭐ 1
TERMINAL
clawhub install skill-security

πŸ“– About This Skill


name: skill-security description: > Security audit tool for OpenClaw skills. Scans for credential harvesting, code injection, network exfiltration, obfuscation. ALWAYS run before installing any new skill from external sources. Triggers on: new skill installation, skill audit, security scan, skill review, before loading external skill.

Skill Security Scanner

Security audit tool for OpenClaw skills. Run before installing any new skill.

Quick Audit

# Audit a skill directory
~/workspace/skills/skill-security/audit.sh /path/to/skill

Audit all installed skills

~/workspace/skills/skill-security/audit-all.sh

What It Checks

| Check | Risk Level | Pattern | |-------|------------|---------| | Network Exfiltration | 🚨 HIGH | requests., urllib, http.client, socket., fetch(, axios | | Credential Harvesting | 🚨 HIGH | .ssh/, .aws/, pass , keyring, credential, secret, token file reads | | Code Injection | 🚨 CRITICAL | exec(, eval(, compile(, Function(, __import__ | | Obfuscation | ⚠️ MEDIUM | base64.decode, atob, encoded payloads | | Env Dumping | ⚠️ MEDIUM | os.environ, process.env, getenv bulk access | | Subprocess Abuse | ⚠️ MEDIUM | subprocess.run, os.system, child_process with credentials |

Severity Levels

  • CRITICAL (🚨): Block installation, report to owner
  • HIGH (πŸ”΄): Requires manual review before use
  • MEDIUM (🟑): Note but allow if from trusted source
  • LOW (🟒): Informational only
  • Safe Skill Checklist

    Before using any skill:

    1. βœ… Is it from a trusted source? (official OpenClaw, known publisher) 2. βœ… Is the code readable (not obfuscated)? 3. βœ… Does it document why it needs network/credential access? 4. βœ… Does it scope file access to its own directory? 5. βœ… Has it been audited by the community?

    Integration with AGENTS.md

    Add this to your workflow:

    ## Skill Installation Protocol

    Before loading any new skill: 1. Run ~/workspace/skills/skill-security/audit.sh 2. If CRITICAL/HIGH findings β†’ STOP, alert the user 3. If MEDIUM findings β†’ Review manually, proceed if justified 4. If CLEAN β†’ Safe to use

    Automatic Protection

    The scanner creates a blocklist at ./blocklist.txt. Skills with CRITICAL findings are automatically added.

    Manual Override

    If a skill is flagged but you've verified it's safe:

    echo "skill-name:verified:YYYY-MM-DD:reason" >> allowlist.txt
    


    Premium Skills

    Like this? Check out our premium skills at skillpacks.dev:

  • πŸ›‘οΈ Security Suite β€” Full PII scanning, secrets detection, prompt injection defense β€” $9.90
  • 🧠 Structured Memory β€” Three-tier memory replacing flat MEMORY.md β€” $9.90
  • πŸ“‹ Planning & Execution β€” Systematic task plans with batch execution β€” $9.90
  • πŸ’Ž Bundle β€” all 3 for $24.90