skill-auditor
Security audit and quarantine system for third-party OpenClaw skills. Use when evaluating, reviewing, or installing any skill from ClawHub or external sources. Automatically triggered before any skill installation.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/aiwithabidi/agxntsix-skill-auditorSkill Auditor
Security gatekeeper for third-party skill installation. No skill gets installed without passing audit.
When to Use
- Before installing ANY skill from ClawHub or external sources
- When asked to review/evaluate a skill's safety
- When
clawhub installor similar installation is requested
Audit Workflow
1. Quarantine First
Never copy a skill directly to the production skills directory. Always quarantine first:
bash skills/skill-auditor/scripts/quarantine.sh /path/to/skill-source
This copies the skill to a temp directory, runs the full audit, and only allows installation if the risk score is CLEAN or LOW.
2. Manual Audit (Python Script Directly)
For inspection without the quarantine wrapper:
python3 skills/skill-auditor/scripts/audit_skill.py /path/to/skill-dir
Outputs JSON report to stdout. Add --human for formatted text output.
3. Interpreting Results
| Rating | Action |
|---|---|
| CLEAN | Safe to install |
| LOW | Safe, minor notes — review findings briefly |
| MEDIUM | Do NOT install without manual review of each finding |
| HIGH | Block installation — likely malicious patterns detected |
| CRITICAL | Block immediately — active threat indicators (exfil, prompt injection, obfuscated payloads) |
4. Exit Codes
0= CLEAN or LOW (safe)1= MEDIUM (needs review)2= HIGH or CRITICAL (blocked)
What Gets Scanned
- All files: inventory, sizes, suspicious file types
- Code: shell commands, network calls, env access, filesystem escape, obfuscation, dynamic imports
- SKILL.md: prompt injection patterns, permission scope requests
- Dependencies: requirements.txt / package.json flagged packages
- Encoding: base64 payloads, hex/unicode escapes, string manipulation tricks
References
references/known-patterns.md— catalog of real attack patterns from ClawHubreferences/prompt-injection-patterns.md— prompt injection signatures to detect
Important
If a skill scores MEDIUM or above, always show Abidi the full findings before taking any action. Never override or bypass the auditor. This is the last line of defense before untrusted code enters the system.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-aiwithabidi-agxntsix-skill-auditor": {
"enabled": true,
"auto_update": true
}
}
}Related Skills
freshsales
Freshsales CRM integration — manage contacts, leads, deals, accounts, tasks, and sales sequences via the Freshsales API. Track deal pipelines, automate lead assignments, log activities, and generate sales reports. Built for AI agents — Python stdlib only, no dependencies. Use for sales CRM, contact management, deal tracking, pipeline reporting, and sales automation.
gemini-video-analyzer
Native video analysis using Google Gemini API. Upload and analyze video files — describe scenes, extract text/UI, answer questions about content, transcribe speech, identify objects and actions. Use when: (1) User sends a video file and wants it analyzed, (2) Video summarization or description needed, (3) Extracting text, UI elements, or information from screen recordings, (4) Answering questions about video content, (5) Comparing multiple videos, (6) Analyzing tutorials, demos, or walkthroughs.
agent-memory
Full AI agent memory stack — Mem0 unified memory engine with vector search (Qdrant) and knowledge graph (Neo4j), plus SQLite for structured data. Complete setup script and tools. Give your OpenClaw agent a real brain with semantic recall, entity relationships, and structured storage.
neon
Neon serverless Postgres — manage projects, branches, databases, roles, endpoints, and compute via the Neon API. Create database branches for development, manage connection endpoints, scale compute, and monitor usage. Built for AI agents — Python stdlib only, zero dependencies. Use for serverless Postgres, database branching, database management, development workflows, and cloud database automation.
onepassword
1Password Connect — vaults, items, secrets management for server-side applications.