--- name: skill-trust-auditor description: "Audit a ClawHub skill for security risks BEFORE installation." version: "1.1.3" metadata: { "openclaw": { "emoji": "🛡️", "requires":
Use when optimizing existing Claude skills, checking skill quality, auditing skill compliance, or when skills have obvious issues. Triggers on skill optimiza...
Security audit and validation tools for the Agent Skills ecosystem. Scan skill packages for common vulnerabilities like credential leaks, unauthorized file access, and Git history secrets. Use when yo
Detects malicious behavior and security threats in target skills using advanced analysis of obfuscation, encoding, encryption, and dynamic code techniques.
Security scanner for OpenClaw skill packages. Scans skills for malicious code, evasion techniques, prompt injection, and misaligned behavior BEFORE installation. Use to audit any skill from ClawHub or
Helps detect when AI agent skills silently mutate across inheritance chains. A skill audited safe in generation 1 may drift far from the original by generati...
Provides real-time file integrity monitoring, pre-installation skill audits, runtime threat blocking, kill switch activation, and incident response to protec...
Analyzes the security posture of a user's OpenClaw environment and installed skills. Use when a user is about to install a new skill and wants to verify its...
Helps verify that skill updates publish an auditable record of what changed — catching the gap between "the registry shows the new version" and "anyone can s...
Security audit and vulnerability scanner for AI agent skills before installation. Use when: (1) evaluating a skill from an untrusted source, (2) auditing a s...
Security scanner for ClawHub skills. Vet third-party skills before installation — detect dangerous patterns, suspicious code, and risky dependencies.
Security audit engine for OpenClaw configurations. Detects vulnerabilities, misconfigurations, secret leaks, and over-privileged agents. Use when the user as...
Prepare and audit a Claw skill for public release by validating structure, security, portability, documentation, testing, git hygiene, and metadata.
This skill should be used when the user asks to harden agent workflows, audit prompts/commands/URLs/paths, scan a third-party skill before install or publish...
Audit agent skills for security threats before installing them. Use AUTOMATICALLY when about to install any skill (clawhub install, skill installation), when...
Use when reviewing, auditing, or validating Claude Code skills for quality and cross-platform/cross-agent compatibility. Triggers on「审查 skill」「review skill」「...
Audit locally installed agent skills for security/policy issues using the SkillLens CLI (`skilllens scan`, `skilllens config`). Use when asked to scan a skills directory (Codex/Claude) and produce a r
审查 ClawHub skills 的安全性,检测恶意代码、可疑模式和社工攻击。在安装任何第三方 skill 前使用此工具进行安全检查。
Scans ClawHub skills to detect malicious code, obfuscated payloads, and social engineering via pattern matching, deobfuscation, and LLM analysis before insta...
Audit and improve your OpenClaw setup with one skill. Scores agent health, audits memory hygiene, checks cron reliability, and compares installed skills agai...
Security-first skill auditing and quarantine for OpenClaw skills. Use when installing new skills, reviewing skills from unknown sources, scanning skills for prompt injection/exfiltration/supply-chain
One-stop skill management for OpenClaw. 一站式技能管理,引导式使用,嵌套搜索、审计、创建、发布、批量更新等必要 skill。Use when reviewing installed skills, searching
Deep behavioral security audit for AI agent skills and MCP tools. Performs deterministic static analysis (AST + Semgrep + 15 specialized scanners), cryptographic lockfile generation, and optional LLM-