EdgeOne Skill Scanner
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: edgeone-skill-scanner
Version: 1.0.4
The bundle is a security auditing tool designed to perform local static analysis of other agent skills across various platforms (OpenClaw, Cursor, Windsurf, etc.). The instructions in SKILL.md guide the AI agent to discover installed skills, inspect their code for malicious patterns (like credential theft or backdoors), and generate a structured report without exfiltrating data. The behavior is entirely consistent with its stated purpose as a 'Skill Scanner' from Tencent Zhuque Lab.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A full scan may reveal installed skill names, paths, and skill contents to the reviewing agent and in generated reports.
This directs the agent to enumerate and inspect broad installed-skill locations during a full-platform scan. That is expected for the scanner purpose, but users should realize it gives the agent visibility into all discovered skill files.
CRITICAL — No skill may be skipped... user-installed skills and system/platform built-in skills must be included... Scan both the system directory `~/.codebuddy/plugins/marketplaces/` and the user directory `~/.codebuddy/plugins/`
Use full-platform mode only when you intend to audit all installed skills; otherwise ask for a single named skill or file to be reviewed.
It may be harder to confirm that this scanner is an official or current Tencent Zhuque Lab artifact.
The registry metadata does not establish an official source repository or homepage, so the claimed publisher/provenance cannot be verified from the registry record alone.
Source: unknown; Homepage: none
Verify the publisher and source out-of-band before relying on the scanner for high-trust security decisions.
Users may over-rely on the privacy wording when scan reports could still include local paths, skill names, or excerpts if they choose to share the output.
This is a strong privacy assurance. The visible artifacts do not show network or credential use, but users should treat the assurance as a trust claim in an instruction-only skill rather than as separately demonstrated enforcement.
**Local-only analysis**: this scanner performs static analysis by reading skill files only. No file contents, credentials, or personal data are sent externally.
Do not share generated scan output publicly until you have checked it for private paths, internal skill text, or sensitive configuration details.
