skill-guard
Scan ClawHub skills for security vulnerabilities BEFORE installing. Use when installing new skills from ClawHub to detect prompt injections, malware payloads, hardcoded secrets, and other threats. Wraps clawhub install with mcp-scan pre-flight checks.
Why use this skill?
Prevent prompt injection and malware by using skill-guard to scan all ClawHub skills before installation. Ensure your AI agent remains secure and untampered.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/jamesouttake/skill-guardWhat This Skill Does
skill-guard serves as a mandatory pre-install security gate for the OpenClaw ecosystem, specifically designed to protect your agent from compromised ClawHub skills. While traditional security tools like VirusTotal focus on binary malware signatures, skill-guard is purpose-built for the AI era. It utilizes mcp-scan (powered by Invariant Labs/Snyk) to perform deep-content inspection of every skill before it ever touches your production environment. The tool operates by downloading potential skills into a quarantined /tmp/ staging directory, running a multi-layered security analysis, and only promoting the skill to your active folder if it passes. It specifically targets AI-native threats that current antivirus software ignores, such as prompt injection patterns, hardcoded secret exposure, malicious URL callbacks (data exfiltration), and toxic instruction flows.
Installation
To integrate skill-guard into your workflow, you should replace direct ClawHub installation commands with the provided wrapper script. Run the following command in your terminal to initialize the secure installation flow:
./scripts/safe-install.sh <skill-slug>
Ensure that you have the mcp-scan dependency installed and accessible in your path. For specific versions or forced updates, you can use ./scripts/safe-install.sh <skill-slug> --version 1.2.3 or the --force flag respectively. Once installed, every new skill will be vetted by the engine, providing you with a clear exit code (0 for success, 2 for threats detected) before any local files are modified.
Use Cases
Use skill-guard whenever you plan to expand your agent's capabilities via ClawHub. It is particularly critical for developers testing third-party community skills or for agents that have access to sensitive local environment variables, personal files, or financial API keys. It acts as a "firewall" for your agent's logic, ensuring that a malicious actor cannot hijack your agent's behavior via a cleverly crafted system prompt hidden in a seemingly benign plugin.
Example Prompts
- "OpenClaw, I want to add the 'image-optimizer' skill from ClawHub, but please run it through skill-guard first to make sure it's not hiding any malicious system instructions."
- "skill-guard, scan the latest version of the 'trading-bot' skill and report any insecure credential handling or hardcoded API tokens before I move it to my active workspace."
- "Run a security audit on the 'github-automation' skill using the safe-install script and show me the full output of the mcp-scan findings."
Tips & Limitations
Always treat a safety flag as a high-priority warning. If skill-guard exits with code 2, do not attempt a force install unless you have performed a manual code audit of the files in the /tmp/skill-guard-staging directory. Note that while this tool is excellent for detecting structural AI threats, it does not replace the need for careful code review if you intend to execute complex scripts. Keep your mcp-scan engine updated to ensure protection against the latest known patterns of prompt injection and data exfiltration techniques.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-jamesouttake-skill-guard": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-write, file-read, code-execution
Related Skills
domain-trust-check
URL safety scanner and domain reputation checker. Use when: checking if a URL is safe before visiting, scanning links in emails/messages, verifying domains for phishing/malware/scam. NOT for: submitting malicious domains for bounty rewards (use outtake-bounty-network).
outtake-bounty-network
Earn $5 USDC per verified malicious domain. Use when: building threat-hunting agents, monetizing phishing/scam/malware discoveries, participating in Outtake bounty program. NOT for: checking if a URL is safe (use domain-trust-check).