ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Axioma Guard (English)

v1.0.2

Axioma Guard scans OpenClaw skills for malicious code using Clawdex API and generates ethical countermeasures to protect your agent.

0· 52·0 current·0 all-time
by@kofna3369
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the code: the skill queries a Clawdex API for threat verdicts and can produce countermeasures. It only needs the ability to list local skills and make HTTP requests, which the code performs.
!
Instruction Scope
SKILL.md explicitly states only skill NAMES are sent to clawdex.koi.security. The code does that, but it also posts threat data to a Merlin service (MERLIN_API) to generate 'vaccines' — that outbound call is not documented in SKILL.md. The code reads the ./skills directory names (not file contents), which aligns with the stated behavior.
Install Mechanism
This is an instruction-only skill plus a local Python script; there is no remote download/install step, no extracted archives, and no third-party packages installed by the skill itself (it uses aiohttp but expects it to be available).
!
Credentials
SKILL.md documents an optional CLAWDEX_API env var but does not mention MERLIN_API. The code defaults MERLIN_API to http://localhost:8001 and will call it to generate countermeasures. This undeclared endpoint may be unexpected for users and could result in additional local network activity. No secret credentials are requested.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system config, and does not persist credentials. It only performs on-demand scans via CLI.
What to consider before installing
This skill largely matches its stated purpose (it lists local ./skills directory entries and queries a Clawdex endpoint for each skill name). Before installing: 1) Understand it will send skill NAMES to https://clawdex.koi.security by default — only install if you trust that service. 2) The script also contacts a Merlin service at http://localhost:8001 (MERLIN_API) to generate 'vaccines' but that call is not documented in SKILL.md; either run a trusted local Merlin service or set MERLIN_API to a safe endpoint or unset it (the code falls back to a generic vaccine message on failure). 3) The code does not send files or secrets, but Clawdex responses (arbitrary JSON) are forwarded to the Merlin endpoint — review network traffic if you are cautious. 4) If you want to proceed, consider running the script in a sandbox or inspecting/hosting your own Clawdex/Merlin endpoints; ask the author to document MERLIN_API and to confirm exactly what data Clawdex returns and how it is used. If you are unsure or cannot verify the endpoints, do not install.

Like a lobster shell, security has layers — review code before you run it.

latestvk9731mjf0j38g64qt18104f44183hhv2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments