ClawHub

Skill Security Auditor

v1.0.1

Command-line security analyzer for ClawHub skills. Run analyze-skill.sh to scan SKILL.md files for malicious patterns, credential leaks, and C2 infrastructure before installation. Includes threat intelligence database with 20+ detection patterns.

4· 3.8k·49 current·52 all-time
byAM@akhmittra
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the delivered artifacts: a bash analysis script, a patterns database, and documentation for a manual CLI auditor. Required binaries (curl, jq, grep, bash) are appropriate for fetching/parsing and scanning SKILL.md files. No unrelated credentials, config paths, or surprising binaries are requested.
Instruction Scope
SKILL.md and analyze-skill.sh instruct only local analysis (fetching SKILL.md from ClawHub, scanning with local patterns, printing a report). The script reads skill content and the local patterns file; it does not execute fetched code or exfiltrate data. It does suggest scanning installed skills in ~/.openclaw/skills/* which is within the auditor's domain.
Install Mechanism
No install spec is included (instruction-only installation), which is low risk. README examples reference downloading files from raw.githubusercontent.com and an update URL (openclaw-security.github.io) — typical but external; since the skill author/source is unknown and homepage is missing, users should verify the origin before using those curl commands.
Credentials
The skill declares no required environment variables or credentials and the script does not attempt to read secret env vars. The patterns DB intentionally scans for credential-like strings and environment-variable usage as a detection heuristic (expected).
Persistence & Privilege
The skill does not request persistent presence (always is false), does not modify other skills or system-wide settings in the provided code, and does not require elevated privileges. The skill being invocable autonomously is allowed by platform defaults but is not a special privilege here.
Assessment
This tool appears to do what it says: a local, pattern-based auditor. Before installing or running it: 1) Verify the skill's source/author (no homepage provided and README uses placeholder GitHub URLs) — prefer an official repo or a signed release. 2) Inspect patterns/malicious-patterns.json yourself (it governs detection and can be edited). 3) Run the script on known benign SKILL.md files to see false-positive behavior (some regexes are broad). 4) Note a couple implementation issues: some regexes (negative lookahead) may not behave as intended with grep -E, and heuristics like matching ${...} or export will flag many benign files. 5) Use it as a first-line check only — combine with manual review and ClawHub/VirusTotal scans and run any suspicious skills in a sandbox.

Like a lobster shell, security has layers — review code before you run it.

auditvk97ckefyghfpb6bwhyx0epteas80ywwacli-toolvk97ckefyghfpb6bwhyx0epteas80ywwadefensevk97ckefyghfpb6bwhyx0epteas80ywwalatestvk97ckefyghfpb6bwhyx0epteas80ywwamalware-detectionvk97ckefyghfpb6bwhyx0epteas80ywwapattern-matchingvk97ckefyghfpb6bwhyx0epteas80ywwapre-installationvk97ckefyghfpb6bwhyx0epteas80ywwasecurityvk97ckefyghfpb6bwhyx0epteas80ywwathreat-intelligencevk97ckefyghfpb6bwhyx0epteas80ywwa

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binscurl, jq, grep, bash

Comments