skill-threat-scanner

What This Skill Does

Skill Threat Scanner is an essential security hardening tool for the OpenClaw ecosystem. Designed as a proactive defense mechanism, it monitors and audits your installed skills against a 9-category threat detection matrix. Whether you are downloading new tools from ClawHub or managing custom local scripts, this agent ensures your environment remains secure from malware, prompt injection, reverse shells, wallet theft, supply chain attacks, and data exfiltration. By leveraging static code analysis, smart domain monitoring, and baseline hash tracking, the tool provides a deep-dive audit of your ~/clawd/skills/ directory. It automatically flags suspicious patterns such as Base64-encoded payloads, hidden shell injections, and unauthorized attempts to access system-sensitive files like SSH keys, AWS credentials, or cryptocurrency wallets. With zero dependencies and native Python execution, it offers high-performance protection that integrates directly into your agent's workflow.

Installation

To install the Skill Threat Scanner, use the ClawHub command-line interface within your terminal:

clawhub install openclaw/skills/skills/benlee2144/skill-threat-scanner

Once installed, verify the installation by navigating to the skill directory and running the scanner:

python3 ~/clawd/skills/skill-guard/scripts/skillguard.py scan

Use Cases

1. Routine Security Audits: Periodically scan your entire skill library to ensure that updates haven't introduced malicious code or changed file footprints since the last baseline.
2. Vetting New Skills: Use the check command on a newly downloaded directory before allowing it full access to your system environment.
3. Continuous Monitoring: Utilize the watch command via system cron jobs to receive real-time alerts if any installed skill alters its behavior or codebase unexpectedly.

Example Prompts

1. "OpenClaw, run a full security audit on all installed skills and provide me with a JSON report summarizing any potential threats."
2. "Scan the directory ~/clawd/skills/test-project and let me know if it attempts to access any sensitive environment variables or crypto wallets."
3. "Check if there have been any file changes in the current skill baseline and alert me immediately if a suspicious modification is detected."

Tips & Limitations

• Baseline Often: Always run the --baseline flag after you have verified that your skills are clean and functioning as expected. This ensures the integrity monitor has a valid reference point.
• JSON for Automation: Use the --json flag when piping output into other monitoring tools or automated alert systems.
• Domain Awareness: The scanner uses an allowlist for known API domains. If you use custom private APIs, ensure your requests are clearly documented to avoid false positive warnings.
• Limitations: While the scanner is highly effective at identifying known attack patterns, it is a static analysis tool. It cannot execute the code in a sandbox to observe runtime behavior; therefore, it is best used as a first line of defense alongside your own code reviews.