One Skill To Rule Them All
v1.0.0 · Security auditing skill that detects malicious patterns like prompt injection, data exfiltration, obfuscation, and privilege escalation in OpenClaw SKILL.md...
⭐ 3 · 1.9k · 5 current · 5 all-time
by @hichana
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign · high confidence
Purpose & Capability
The SKILL.md describes a security-analysis tool for auditing other SKILL.md files. There are no declared env vars, binaries, or install steps beyond reading the skill text — that aligns with the stated purpose.
Instruction Scope
The instructions ask the agent to analyze pasted content or a provided file path and to produce cleaned versions on request. That is reasonable for an analyzer, but it means the agent may read any file path you give it; the SKILL.md itself lists many sensitive paths to flag when auditing other skills (expected), but it does not itself instruct network exfiltration. Users should avoid pointing it at sensitive local files unless they intend that content to be examined.
Install Mechanism
No install spec and no code files are present (instruction-only), so nothing will be downloaded or written to disk by an installer — lowest-risk model.
Credentials
The skill declares no required environment variables, credentials, or config paths. The SKILL.md enumerates sensitive files and envs as detection targets (expected for a scanner) but does not ask for them.
Persistence & Privilege
always is false and model invocation is allowed (platform default). The skill does not request permanent system presence or to modify other skills' configs.
Scan Findings in Context
[ignore-previous-instructions] expected: The SKILL.md deliberately documents prompt-injection patterns such as 'ignore previous instructions' as examples to detect; the scanner flagged that phrase because it appears in the documentation. This is expected and not by itself malicious.
Assessment
This skill is coherent for its stated purpose (auditing SKILL.md files) and does not request credentials or install software. Before using it, check the source/author (no homepage/source listed here). Be careful when asking it to 'analyze' a file path — it may read any file you point it at, so do not supply paths to secrets (e.g., ~/.ssh, ~/.aws/credentials, .env) unless you intend the tool to examine them. When requesting a 'cleaned' version, review the output carefully before using it, since automated removals can alter intended behavior or leak snippets from the reviewed file.
Like a lobster shell, security has layers — review code before you run it.
