Skill Security Auditor
Pass
Audited by VirusTotal on May 14, 2026.
Findings (1)
The 'skill-security-auditor' skill is designed to analyze other OpenClaw skills for malicious patterns. Its core script, `analyze-skill.sh`, uses `grep` with patterns defined in `patterns/malicious-patterns.json` to identify threats. The skill makes legitimate network calls to `clawhub.ai` to fetch skills for analysis and to `openclaw-security.github.io` for threat intelligence updates, which are necessary for its stated purpose. There is no evidence of intentional harmful behavior, data exfiltration, persistence, or prompt injection against the agent within its own code or documentation (`SKILL.md`, `README.md`). The patterns it detects (e.g., `curl | bash`, known C2 IPs) are correctly used for detection, not execution by the skill itself.
