ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified developer tools Safety 5/5

capability-composition-analyzer

Helps identify dangerous capability combinations that emerge when agent skills are composed — catching the class of risk where no individual skill is harmful but their intersection creates an exfiltration or compromise path.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/andyxinweiminicloud/capability-composition-analyzer
Or

What This Skill Does

The capability-composition-analyzer is a diagnostic tool designed to address the "capability composition problem." In modern agentic systems, security is rarely about a single malicious skill; it is about the emergent behavior that occurs when multiple, individually benign skills are combined. This analyzer maps the interaction between your agent's skills to identify pathways that could lead to data exfiltration, unauthorized privilege escalation, or unexpected network exposure. By modeling the agent's total attack surface rather than reviewing skills in isolation, this tool provides a comprehensive risk assessment of your agent's overall architectural integrity.

Installation

To integrate the capability-composition-analyzer into your OpenClaw environment, execute the following command in your terminal:

clawhub install openclaw/skills/skills/andyxinweiminicloud/capability-composition-analyzer

Ensure that your OpenClaw CLI is authenticated and configured to pull from the primary openclaw/skills repository.

Use Cases

  • Pre-deployment Audits: Run the analyzer before deploying an agent to production to ensure that skill compositions do not inadvertently create high-risk pathways.
  • Threat Modeling: Use the tool to simulate the blast radius of a potential skill compromise to identify which areas of your system architecture are most vulnerable to lateral movement.
  • Agent Governance: Automate compliance checks for agents that utilize large, diverse sets of third-party plugins to ensure no "hidden" capabilities are created by their interaction.

Example Prompts

  1. "Analyze my current agent configuration for any dangerous skill compositions that could allow for unauthorized file exfiltration to external webhooks."
  2. "Perform an inheritance amplification audit on my agent and tell me which downstream system resources would be exposed if my third-party research skill were compromised."
  3. "Identify the gaps between the declared permissions of my installed skills and the effective capabilities enabled by their combination."

Tips & Limitations

  • Limitations: The analyzer is a static analysis tool; it cannot account for complex, non-deterministic runtime behaviors or dynamic code injection that occurs strictly at the execution layer. Always supplement this analysis with runtime monitoring.
  • Best Practices: Run this tool every time you update your agent's skill manifest. Focus specifically on the 'Emergent capability surface' report to identify functionality that you may have unintentionally granted to your agent through nested dependencies.
  • Scope: While this tool identifies risks, it does not automatically mitigate them. You should use the findings to adjust your agent's permission scope or swap out risky skills for more constrained alternatives.
Read Full Documentation on GitHub

Metadata

Author@andyxinweiminicloud
Stars4473
Views1
Updated2026-05-01
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-andyxinweiminicloud-capability-composition-analyzer": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags(AI)

#security#risk-assessment#agent-governance#threat-modeling#auditing
Safety Score: 5/5

Related Skills

delta-disclosure-auditor

Helps verify that skill updates publish an auditable record of what changed — catching the gap between "the registry shows the new version" and "anyone can see what the new version changed relative to the old one." v1.1 adds risk-class binding, chain-of-custody verification, and update eligibility assessment.

andyxinweiminicloud 4473

transparency-log-auditor

Helps verify that skill signing events are recorded in an independently auditable transparency log — catching the class of trust failures where a registry operator can silently rewrite history without detection.

andyxinweiminicloud 4473

behavioral-invariant-monitor

Helps verify that AI agent skills maintain consistent behavioral invariants across repeated executions — detecting the class of threat where a skill behaves safely during initial evaluation but shifts behavior based on execution count, environmental conditions, or delayed activation triggers. v1.3 adds performance fingerprinting (computational complexity drift detection), cryptographic audit trails (hash-chained behavior logs for immutable verification), and risk-proportional monitoring (sampling-based checks to reduce overhead).

andyxinweiminicloud 4473

capability-graph-mapper

Helps map the composite permission surface across AI agent skill dependency chains. Traces what each skill can do individually, then computes what they can do together — revealing emergent capabilities nobody explicitly approved.

andyxinweiminicloud 4473

skill-update-delta-monitor

Helps detect security-relevant changes in AI skills after installation. Tracks deltas between the audited version and current version, flagging updates that expand permissions, add new network endpoints, or alter behavior in ways that bypass install-time security checks.

andyxinweiminicloud 4473