skill-scanner
Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, scan for credential exfiltration, detect prompt injection, or review skill security. Triggers on security audit, skill safety check, malware scan, or trust verification.
Why use this skill?
Secure your OpenClaw agent by auditing skills before installation. Detect malicious code, credential leaks, and prompt injection with the skill-scanner utility.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/hugosbl/ai-skill-scanner
What This Skill Does
The skill-scanner is an essential security utility for the OpenClaw and Clawdbot ecosystem designed to perform static analysis on local skill folders. Before integrating third-party code into your personal agent environment, it is critical to verify the integrity of the package. This scanner automates the detection of common attack vectors including, but not limited to, unauthorized credential exfiltration, malicious network callbacks, obfuscated shell commands, and potential prompt injection vulnerabilities. By analyzing the source code statically against a curated set of heuristic rules, the scanner acts as a first line of defense against supply chain attacks within the OpenClaw community.
Installation
To add this security tool to your environment, use the command: clawhub install openclaw/skills/skills/hugosbl/ai-skill-scanner. Once installed, ensure you have the necessary environment dependencies configured. You can execute the scanner directly from your terminal using python3 scripts/scan.py /path/to/skill. For automated workflows or integration into CI/CD pipelines, use the --json flag to receive structured output that can be parsed by other agent tools or monitoring scripts.
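One way to wire the --json mode into a CI step, as an added example that is not the skill's own code. The page does not document the JSON schema, so the gate walks the whole report looking for the SUSPICIOUS and DANGEROUS labels the page names; the sample report, the function names and the flag placement after the path are assumptions.

```python
import json
import subprocess
import sys

# Severity labels named on this page; INFO and anything else do not block.
BLOCKING = {"SUSPICIOUS", "DANGEROUS"}
# Constructed sample report; the real --json schema is an assumption here.
SAMPLE = ('{"findings": [{"file": "a.py", "severity": "INFO"},'
          ' {"file": "b.sh", "severity": "DANGEROUS"}]}')


def blocking_findings(node, path="$"):
    """Return (json_path, label) for every blocking label, under any key."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            hits += blocking_findings(value, f"{path}.{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            hits += blocking_findings(value, f"{path}[{i}]")
    elif isinstance(node, str) and node.strip().upper() in BLOCKING:
        hits.append((path, node.strip().upper()))
    return hits


def gate(raw_output):
    """Return (ok, reasons); empty or non-JSON output fails closed."""
    try:
        report = json.loads(raw_output)
    except (TypeError, ValueError):
        return False, ["scanner output was not valid JSON"]
    hits = blocking_findings(report)
    return (not hits), [f"{label} at {where}" for where, label in hits]


def scan_and_gate(skill_dir, scanner="scripts/scan.py"):
    """Run the scanner on skill_dir and gate on whatever it prints."""
    # Flag placement after the path is assumed; a timeout raises and so blocks.
    proc = subprocess.run([sys.executable, scanner, skill_dir, "--json"],
                          capture_output=True, text=True, timeout=300)
    return gate(proc.stdout)


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: gate.py SKILL_DIR")
    ok, reasons = scan_and_gate(sys.argv[1])
    print("\n".join(reasons), file=sys.stderr)
    sys.exit(0 if ok else 1)
```

A non-zero exit stops the pipeline before the skill is installed; a scanner crash or truncated output blocks the install the same way a finding does.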
Use Cases
- Pre-Install Audits: Scan any skill downloaded from ClawHub before deployment to ensure it adheres to security standards.
- Vendor Trust Verification: Validate the coding patterns of new developers or unknown community submissions.
- Credential Protection: Scan codebases to ensure no hardcoded API keys, tokens, or sensitive environment variables are being leaked to external servers.
- Prompt Injection Detection: Inspect skill manifest files and logic scripts for commands designed to bypass system instructions.
Example Prompts
- "I just downloaded a new data-scraping skill from ClawHub, can you please run a security audit on it to make sure it's safe to install?"
- "Perform a thorough malware scan on the directory at ~/projects/claw-skills/custom-bot and tell me if it contains any suspicious network calls."
- "I need a trust verification for the skill located in /tmp/unknown-skill; scan it for potential vulnerabilities and summarize any critical warnings."
Tips & Limitations
- Severity Levels: Always pay close attention to findings labeled SUSPICIOUS or DANGEROUS. Never bypass these warnings, as they often indicate high-risk code execution or data exfiltration.
- Static Analysis Only: This tool performs no runtime analysis; it does not execute the code in a sandbox. It can only detect what is visible in the source code. Complex obfuscation or dynamic code generation may bypass these checks.
- False Positives: Legitimate networking libraries might trigger alerts. If you see a warning for a trusted tool, review the documentation in references/rules.md to see if the activity is covered by allowed whitelists.
- Manual Review: Use this tool as a component of your security workflow, not as the sole arbiter of trust. For any finding above 'INFO', perform a quick manual look at the files identified by the scanner.
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-hugosbl-ai-skill-scanner": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags(AI)
Flags: file-read, code-execution