🧪 Skills

Skill Guard Pro

--- name: clawguard description: "Security scanner for ClawHub skills. Analyze before you install." license: "MIT" metadata: { "openclaw": { "emoji": "🛡️", "requires": { "bins": ["uv"] } } } --

v1.0.1
❤️ 0
⬇️ 89
👁 1
Save📁 Collect
Share

Description

name: clawguard description: "Security scanner for ClawHub skills. Analyze before you install." license: "MIT" metadata: { "openclaw": { "emoji": "🛡️", "requires": { "bins": ["uv"] } } }

ClawGuard 🛡️

Scan ClawHub skills for security risks before installing.

ClawGuard performs static code analysis on ClawHub skills to detect:

  • 🌐 Network exfiltration (HTTP POST to external URLs)
  • 🔑 Credential access (API keys, tokens, passwords)
  • ⚡ Shell command execution
  • 💥 File destruction (rm -rf, unlink)
  • 🎭 Code obfuscation (eval, base64 decode)
  • 👻 Hidden files and directories

Usage

Scan by skill name

Download and scan a skill from ClawHub:

uv run {baseDir}/scripts/scan.py --skill <skill-name>

Scan local directory

Scan a skill directory on your local filesystem:

uv run {baseDir}/scripts/scan.py --path /path/to/skill

JSON output

Get results in JSON format:

uv run {baseDir}/scripts/scan.py --skill <skill-name> --json

Examples

Scan the GitHub skill:

uv run {baseDir}/scripts/scan.py --skill github

Scan a local skill:

uv run {baseDir}/scripts/scan.py --path ~/.openclaw/skills/my-skill

Risk Levels

  • 🟢 SAFE (0-30): No significant risks detected
  • 🟡 CAUTION (31-60): Review flagged items before installing
  • 🔴 DANGEROUS (61-100): High-risk patterns detected — DO NOT INSTALL

Exit Codes

  • 0: Safe
  • 1: Caution
  • 2: Dangerous

Requirements

  • Python 3.11+
  • uv (Python package manager)
  • clawhub CLI (optional, for downloading skills)

How It Works

  1. Pattern Matching: Regex-based detection of dangerous code patterns
  2. AST Analysis: Python AST parsing for eval/exec detection
  3. URL Extraction: Identifies all network endpoints
  4. Risk Scoring: Weighted severity scoring (0-100)

What It Detects

Category Weight Examples
Network exfiltration 25 POST to unknown URL with data
Credential access 20 Reading API keys, tokens
Shell execution 15 exec(), subprocess, system()
File destruction 15 rm -rf, unlink, rmdir
Obfuscation 15 eval(), atob(), Buffer.from
Hidden files 10 Dotfiles, hidden directories

Limitations

  • Static analysis only: Cannot detect runtime behavior
  • Regex-based: May have false positives/negatives
  • JS/TS: Basic pattern matching (no full AST parsing)
  • Encrypted/minified code: Cannot analyze obfuscated payloads

Best Practices

  1. Always scan before installing untrusted skills
  2. Review CAUTION-level findings manually
  3. Check network endpoints for unknown domains
  4. Never install DANGEROUS skills without verification
  5. Report suspicious skills to ClawHub moderators

License

MIT

Reviews (0)

Sign in to write a review.

No reviews yet. Be the first to review!

Comments (0)

Sign in to join the discussion.

No comments yet. Be the first to share your thoughts!

Compatible Platforms

Links

📂 Source Code

Pricing

Free

Related Configs

🧪 Skill

self-improving-agent

Free

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...

❤️ 2.0k ⬇️ 218k
🧪 Skill

Self Improving Agent

Free

Captures learnings, errors, and corrections to enable continuous improvement. And also 50+ models for image generation, video generation, text-to-speech, spe...

❤️ 2.0k ⬇️ 206k
🧪 Skill

Find Skills

Free

Search, discover, and install skills from the open agent skills ecosystem to extend agent capabilities for specific tasks or domains.

❤️ 814 ⬇️ 199k
🧪 Skill

Summarize

Free

--- name: summarize description: Summarize URLs or files with the summarize CLI (web, PDFs, images, audio, YouTube). homepage: https://summarize.sh metadata: {"clawdbot":{"emoji":"🧾","requires":{"b

❤️ 609 ⬇️ 160k