openscan
Scan binaries and scripts for malicious patterns before trusting them. Use when installing skills, evaluating unknown binaries, or auditing tool dependencies.
Why use this skill?
Secure your OpenClaw agent by scanning binaries and scripts for malicious patterns. Detect obfuscation, unsafe API calls, and risks.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/dev-null321/openscanWhat This Skill Does
OpenScan is an essential security utility for the OpenClaw ecosystem, designed to perform lightweight malware detection and static analysis on binaries and scripts. Ported from the robust Harkonnen antimalware engine, this skill provides users with the ability to audit files before they are installed or executed. It functions by scanning for suspicious indicators such as invalid code signatures, missing security features (like PIE or NX), and high-entropy packed binaries that often suggest obfuscation. Furthermore, OpenScan analyzes shell scripts for dangerous patterns, such as the use of 'curl | bash' or encoded base64 payloads, helping users maintain a clean and secure development environment.
Installation
To integrate OpenScan into your OpenClaw setup, run the following command in your terminal:
clawhub install openclaw/skills/skills/dev-null321/openscan
Ensure that your OpenClaw environment has the necessary permissions to read the files you intend to scan. Once installed, you can trigger scans via the command line or via the programmatic API within your own custom OpenClaw agents.
Use Cases
- Pre-Install Auditing: Always run OpenScan on a skill folder before installing it to ensure no hidden malicious dependencies are being introduced into your system.
- Binary Integrity: Verify the legitimacy of downloaded executables, particularly for tools that require root or administrative privileges.
- Script Review: Audit automated scripts or shell files for common obfuscation techniques or remote download commands that might indicate a supply chain attack.
- Security Hardening: Check your own binaries for missing security flags like PIE (Position Independent Executable) or RELRO to improve the defensive posture of your custom tools.
Example Prompts
- "OpenScan, please analyze the directory at ~/downloads/new-tool and tell me if it contains any high-risk patterns."
- "Before I install this skill, run a security scan and provide me with a breakdown of any suspicious API references found in the binary."
- "Scan the script at ./deploy.sh and let me know if it contains any obfuscated shell commands that I should be concerned about."
Tips & Limitations
OpenScan is designed for speed and local auditing, not as a comprehensive replacement for enterprise-grade antivirus solutions. While it excels at identifying suspicious patterns and common malware indicators, it lacks a large-scale hash database, meaning it may not catch the latest zero-day threats. Additionally, security tools used for legitimate purposes may occasionally trigger false positives due to their low-level system access. Use OpenScan as a first line of defense; if the threat score is above 40, always perform a manual review of the file's source code or behavior before granting it elevated execution privileges.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-dev-null321-openscan": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-read, code-execution