clawguard
Security scanner for ClawHub skills. Analyze before you install.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/chloepark85/skill-guard-proClawGuard 🛡️
Scan ClawHub skills for security risks before installing.
ClawGuard performs static code analysis on ClawHub skills to detect:
- 🌐 Network exfiltration (HTTP POST to external URLs)
- 🔑 Credential access (API keys, tokens, passwords)
- ⚡ Shell command execution
- 💥 File destruction (rm -rf, unlink)
- 🎭 Code obfuscation (eval, base64 decode)
- 👻 Hidden files and directories
Usage
Scan by skill name
Download and scan a skill from ClawHub:
uv run {baseDir}/scripts/scan.py --skill <skill-name>
Scan local directory
Scan a skill directory on your local filesystem:
uv run {baseDir}/scripts/scan.py --path /path/to/skill
JSON output
Get results in JSON format:
uv run {baseDir}/scripts/scan.py --skill <skill-name> --json
Examples
Scan the GitHub skill:
uv run {baseDir}/scripts/scan.py --skill github
Scan a local skill:
uv run {baseDir}/scripts/scan.py --path ~/.openclaw/skills/my-skill
Risk Levels
- 🟢 SAFE (0-30): No significant risks detected
- 🟡 CAUTION (31-60): Review flagged items before installing
- 🔴 DANGEROUS (61-100): High-risk patterns detected — DO NOT INSTALL
Exit Codes
0: Safe1: Caution2: Dangerous
Requirements
- Python 3.11+
uv(Python package manager)clawhubCLI (optional, for downloading skills)
How It Works
- Pattern Matching: Regex-based detection of dangerous code patterns
- AST Analysis: Python AST parsing for eval/exec detection
- URL Extraction: Identifies all network endpoints
- Risk Scoring: Weighted severity scoring (0-100)
What It Detects
| Category | Weight | Examples |
|---|---|---|
| Network exfiltration | 25 | POST to unknown URL with data |
| Credential access | 20 | Reading API keys, tokens |
| Shell execution | 15 | exec(), subprocess, system() |
| File destruction | 15 | rm -rf, unlink, rmdir |
| Obfuscation | 15 | eval(), atob(), Buffer.from |
| Hidden files | 10 | Dotfiles, hidden directories |
Limitations
- Static analysis only: Cannot detect runtime behavior
- Regex-based: May have false positives/negatives
- JS/TS: Basic pattern matching (no full AST parsing)
- Encrypted/minified code: Cannot analyze obfuscated payloads
Best Practices
- Always scan before installing untrusted skills
- Review CAUTION-level findings manually
- Check network endpoints for unknown domains
- Never install DANGEROUS skills without verification
- Report suspicious skills to ClawHub moderators
License
MIT
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-chloepark85-skill-guard-pro": {
"enabled": true,
"auto_update": true
}
}
}Related Skills
agent-budget-controller
Control LLM API spending per agent. Set daily/weekly/monthly limits with real-time tracking and alerts.
notion-agent
Notion integration for OpenClaw. Manage pages, databases, and blocks via AI agent.
Finance Automation
Skill by chloepark85
Multi-Agent Dev Team
2-agent collaborative software development workflow for OpenClaw
predictfish
Predict project success using MiroFish swarm intelligence. Simulate market reactions before you build.