{"skill":{"slug":"skill-bomb-dog-sniff","displayName":"Bomb Dog Sniff","summary":"Security-first skill management for OpenClaw - like a bomb-sniffing dog for skills.\nSniffs out malicious payloads (crypto stealers, keyloggers, reverse shells) before installation.\nQuarantine → Scan → Install only the safe ones.","tags":{"latest":"0.1.0"},"stats":{"comments":0,"downloads":1433,"installsAllTime":1,"installsCurrent":1,"stars":2,"versions":1},"createdAt":1770530107924,"updatedAt":1778557022785},"latestVersion":{"version":"0.1.0","createdAt":1770530107924,"changelog":"bomb-dog-sniff v1.2.0 is a major security and detection upgrade for OpenClaw skill scanning.\n\n- Fixed command injection and added path traversal protection for safer downloads and scanning.\n- Quarantines skills in randomized, permission-locked directories before scanning.\n- Now detects and skips binary/oversized files and restricts regex processing to prevent resource attacks.\n- Smarter detection: reduced false positives, added entropy analysis for encoded threats, awareness of test files, and per-finding confidence scoring.\n- Expanded to 13 detection categories, now including supply chain attacks, prototype pollution, and new script-based threats.\n- New detection patterns target credential and SSH key theft, browser and system persistence, and more.\n- All commands (scan, safe-install, audit, batch) documented with clear examples and risk scoring explanations.","license":null},"metadata":null,"owner":{"handle":"lvcidpsyche","userId":"publishers:lvcidpsyche","displayName":"LvcidPsyche","image":"https://avatars.githubusercontent.com/u/160208855?v=4"},"moderation":{"isSuspicious":true,"isMalwareBlocked":false,"verdict":"suspicious","reasonCodes":["suspicious.llm_suspicious"],"summary":"Detected: suspicious.llm_suspicious","engineVersion":"v2.4.24","updatedAt":1778557022785}}