ClawHub

MayGuard

v1.0.0

A security auditor for agent skills. Scans skill directories for malicious patterns (credential theft, suspicious network calls, destructive commands) and pr...

0· 646·5 current·5 all-time
by@balkanblbn
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to be a security auditor and includes a Python script and threat-patterns JSON that implement directory scanning for suspicious patterns — this aligns with the stated purpose. Minor inconsistencies: SKILL.md and printed strings refer to 'ClawGuard' while registry lists 'MayGuard', and a code comment claims category-level scoring caps while the implementation does not enforce any per-category cap.
!
Instruction Scope
The runtime instructions correctly tell the agent/user to run the included script against a target skill directory. However, the script explicitly skips hidden files (file.startswith('.')), which means it will not inspect common credential files like '.env' or other dotfiles — creating a blind spot for the stated 'credential theft' checks. The scanner only reads files under the supplied target path (no external network calls or system-level reads), which is appropriate for the stated scope.
Install Mechanism
There is no install spec; this is an instruction-only skill with a bundled script and pattern file. Nothing is downloaded or written to system locations by an installer — lowest-risk install model.
Credentials
The skill requests no environment variables, credentials, or config paths. The threat_patterns.json contains patterns that reference user-home paths (e.g., '~/.config'), but the script only scans the provided directory, so no elevated access is requested or required.
Persistence & Privilege
The skill does not request always:true and has no install-time persistence. It does not modify other skills or system settings; autonomous invocation is allowed by platform default but the skill itself has no elevated privileges.
Assessment
MayGuard appears to implement a reasonable local static audit tool, but be aware of its limitations before relying on it: (1) it skips hidden files (dotfiles), so it may miss .env, .ssh/id_rsa, or other credential files — manually check dotfiles or modify the script if you need them scanned; (2) the scoring logic is simplistic (adds 20 points per match) and a comment about per-category caps is inaccurate, so treat the numeric score as a rough heuristic rather than a definitive risk metric; (3) patterns are simple regexes and can produce false positives/negatives, and obfuscated or encoded threats may evade detection; (4) the SKILL.md/strings refer to 'ClawGuard' while the registry name is 'MayGuard' — this mismatch could be a sign of copy-paste or maintenance issues; (5) run the script on extracted skill contents (not on system root) to avoid long scans and to limit scope. If you plan to depend on this tool programmatically, consider reviewing and (optionally) hardening the script: enable scanning of dotfiles, add per-category caps or weighting, and audit the regex list to reduce false positives.

Like a lobster shell, security has layers — review code before you run it.

latestvk978ywwj79bkdd5wca2x9enx4d81mwgb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments