Claw Security Scanner
Skill by betsymalthus
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/betsymalthus/claw-security-scanner
What This Skill Does
The Claw Security Scanner is a powerful diagnostic tool designed to protect your OpenClaw environment by inspecting skill files for malicious intent. In response to the growing concerns regarding supply chain attacks, this agent acts as a security perimeter for your local skill library. It performs multi-layered analysis, combining static code inspection, dynamic behavioral simulation in a sandboxed environment, and machine-learning-based pattern matching. It is capable of detecting hidden backdoors, hardcoded API credentials, outdated dependencies, and unauthorized file system or network access requests. By providing detailed risk assessment reports—ranging from Info to Critical levels—the scanner empowers users to identify and neutralize vulnerabilities before they can compromise sensitive data or system integrity.
Installation
You can install the skill via the command line using the ClawdHub manager. Run clawdhub install claw-security-scanner. If you prefer a manual setup, clone the repository into your ~/.openclaw/skills/ directory and ensure all dependencies are resolved. For production environments, ensure that your ~/.openclaw/config.json is updated with your desired security thresholds and exclusion patterns to tailor the scanning process to your specific workflows.
Use Cases
This tool is indispensable for several user personas:
1) Developers: Use it for pre-publication validation to ensure your code meets security standards and to perform automated regression testing in CI/CD pipelines.
2) General Users: Protect your system by verifying third-party skills before installation to ensure no rogue scripts access your private keys.
3) Security Auditors: Generate comprehensive HTML or JSON reports to maintain compliance and conduct audit trails within a team or enterprise setting.
4) System Administrators: Enforce security policies across multiple installations by monitoring for insecure configurations or unauthorized network egress.
Example Prompts
- "Scan all my currently installed skills and generate a high-level summary report for any medium-to-critical risks found."
- "I just downloaded a new skill from GitHub; perform a deep scan on the directory /home/user/downloads/new-skill and export the findings as a JSON file."
- "Check the current configuration for the security scanner and run an automated scan on the latest update of my memory manager skill."
Tips & Limitations
To maximize the scanner's efficacy, ensure you have enabled 'autoScan' in your configuration file, as this provides real-time protection. Be aware that deep analysis using dynamic simulation can be resource-intensive and may slow down your machine during the scan. While the scanner uses advanced machine learning, it should be treated as a secondary defense layer; always review suspicious code manually using the suggested fixes provided in the report. When scanning extremely large directory trees, use the 'excludePatterns' setting to ignore non-code artifacts like 'node_modules' or build caches; skipping them can significantly speed up the scan.
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-betsymalthus-claw-security-scanner": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags(AI)
Flags: file-read, code-execution, network-access