guardskills
Security gate for skill installs. Scans skill content for malicious patterns (credential exfiltration, remote code execution, destructive ops, privilege escalation) before installation. Always run guardskills before installing any skill from ClawHub, GitHub, or local sources.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/felixondesk/guardskillsGuardSkills — Security Scanner for Skills
Static analysis security gate. Scans skill files for malicious patterns and produces a risk decision before allowing installation.
Rule — ALWAYS scan before installing
Before installing any skill (ClawHub, GitHub, local, or skills.sh), you MUST run a guardskills scan first. Never run clawhub install, skills add, or copy skill files without scanning.
Scan by source
1. ClawHub skills
When the user asks to install a ClawHub skill, scan it first:
guardskills scan-clawhub <owner/skill-slug>
Also accepts full URLs:
guardskills scan-clawhub https://clawhub.ai/owner/skill-slug
2. Local skills
When loading or reviewing a skill folder on disk:
guardskills scan-local <path-to-skill-folder>
If the path contains multiple skills:
guardskills scan-local <path-to-skills-root> --skill <skill-folder-name>
3. GitHub skills
When installing from a GitHub repository:
guardskills add owner/repo --skill <skill-name> --dry-run
Also accepts full URLs:
guardskills add https://github.com/owner/repo --skill <skill-name> --dry-run
4. skills.sh skills
Use the same GitHub flow:
guardskills add owner/repo --skill <skill-name> --dry-run
If scan passes:
guardskills add owner/repo --skill <skill-name>
How to interpret results
| Decision | Action |
|---|---|
SAFE | Proceed with installation. |
WARNING | Ask the user for confirmation before proceeding. |
UNSAFE | Block. Tell the user the skill is unsafe and do not install. |
CRITICAL | Block. Do not install under any circumstances. |
UNVERIFIABLE | Block. Inform the user the skill could not be verified. |
Useful flags
--json— machine-readable JSON output--dry-run— scan only, do not install--ci— deterministic gate mode (no prompts, no install)--strict— use stricter risk thresholds--yes— auto-accept WARNING level (only if user explicitly requests)--force— override UNSAFE block (only if user explicitly requests)--allow-unverifiable— override UNVERIFIABLE block (only if user explicitly requests)
Exit codes
0— allowed / safe10— warning not confirmed20— blocked (UNSAFE, CRITICAL, or UNVERIFIABLE)30— runtime / internal error
Recommended workflow
- User asks to install a skill.
- Determine the source (ClawHub, GitHub, local, skills.sh).
- Run the appropriate
guardskillsscan command. - Read the decision from the output.
- If
SAFE, proceed withclawhub installor equivalent.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-felixondesk-guardskills": {
"enabled": true,
"auto_update": true
}
}
}