clawhub-scanner

Scan installed ClawHub skills for malware, credential theft, prompt injection, and security risks. Detects known C2 infrastructure, obfuscated payloads, and data exfiltration patterns from the ClawHavoc campaign.

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/homeofe/clawhub-scanner

Security scanner for ClawHub skills. Checks installed skills against known malicious patterns, IoCs, and suspicious behaviors.

Usage

When the user asks to scan skills, check for malware, or audit their ClawHub installations:

# Scan all installed skills
clawhub-scanner scan

# Scan a specific skill
clawhub-scanner scan --skill ~/.openclaw/skills/some-skill

# JSON output for automation
clawhub-scanner scan --json

# Include low-severity findings
clawhub-scanner scan --verbose

What It Detects

  • Critical: Known C2 server IPs and malicious domains (ClawHavoc campaign)
  • High: eval(), credential harvesting (SSH/AWS/browser/wallets), data exfiltration (Discord/Telegram webhooks), obfuscated payloads
  • Medium: Prompt injection, broad filesystem access, clipboard harvesting
  • Low: Outbound HTTP, WebSocket connections

Install

Requires the npm package:

npm install -g @elvatis_com/clawhub-scanner

Exit Codes

  • 0 = clean
  • 1 = high-severity findings
  • 2 = critical findings
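
One way to gate a CI job or install script on the exit codes above, as an added example that is not part of the scanner's own documentation. The function name gate_scan and the SCANNER override variable are assumptions of this sketch; any exit status outside the documented 0/1/2 (for example, the scanner is not installed or crashed) is treated as "not clean" rather than as a pass.

```shell
#!/bin/sh
# Added example: fail-closed gate around `clawhub-scanner scan`.
# gate_scan and SCANNER are hypothetical names, not part of the tool.

# SCANNER may be overridden (e.g. for testing); defaults to the documented CLI.
SCANNER="${SCANNER:-clawhub-scanner}"

# gate_scan [extra scan args...]
#   Prints a one-line verdict on stdout and returns:
#     0 clean, 1 high-severity findings, 2 critical findings,
#     3 scanner did not run or returned an undocumented status.
#   Example: gate_scan --skill ~/.openclaw/skills/some-skill
gate_scan() {
    # Capture the status with `|| rc=$?` so a caller using `set -e`
    # is not aborted before the code can be inspected.
    rc=0
    # Send the scanner's own report to stderr so stdout carries only the verdict.
    "$SCANNER" scan "$@" >&2 || rc=$?

    case "$rc" in
        0) echo "clean"; return 0 ;;
        1) echo "high-severity findings"; return 1 ;;
        2) echo "critical findings"; return 2 ;;
        # 127 (command not found), signals, or any other status:
        # a scan that did not complete must never count as clean.
        *) echo "scanner error (exit $rc), treating as not clean"; return 3 ;;
    esac
}
```
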

Metadata

Author: @homeofe
Stars: 2387
Views: 0
Updated: 2026-03-09

Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-homeofe-clawhub-scanner": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Safety Note: ClawKit audits metadata but not runtime behavior. Use with caution.