Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AOI OpenClaw Security Toolkit (Core)

v0.1.6

Run local-only fail-closed security checks to detect and report data leaks, secrets, egress risks, and prompt injections before publishing or committing code.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
The name/description (local-only security scanner) match the code and bundled rule files. The only minor mismatch: the skill spawns the 'git' command to compute diffs, but the registry metadata lists no required binaries; git is reasonable for a repo preset but the metadata could explicitly declare it.
Instruction Scope
SKILL.md describes scanning repo/workspace paths, using included rules, and producing redaction-safe reports. The implementation reads local files, scans text and URLs, and may write an output report; it does not attempt to read unrelated system secrets, nor does it send data to external endpoints.
Install Mechanism
There is no install spec (instruction/CLI provided via bundled skill.js). package.json maps a local CLI binary but no external downloads or registry installs are required. No third-party packages are pulled in.
Credentials
The skill requests no environment variables or credentials. The code does not access secret environment variables or external service tokens; it only reads files in the working tree and may invoke git.
Persistence & Privilege
The 'always' flag is false, and the skill does not modify other skills or system-wide settings. It may write an output file when --out is used, which is expected behavior for a CLI report generator.
Assessment
This appears to be a coherent local-only scanner. Before installing, ensure you: (1) are comfortable that the tool will read files in your repository/workspace (including any files under '.'), (2) have git on PATH if you plan to use diff presets, and (3) review the bundled rules/regex files if you want to tune sensitivity. If you need stronger assurance, inspect the remainder of skill.js (integrity checks are provided) or run it in a sandboxed environment first.

Like a lobster shell, security has layers — review code before you run it.

