Axiomata Guard Scanner
PassAudited by ClawScan on May 13, 2026.
Overview
This appears to be a local, user-invoked skill scanner with no evidence of theft, persistence, or hidden network behavior, but its results should be treated as heuristic rather than definitive.
This skill looks reasonable to use as a local heuristic scanner, but only run it on files you intend to inspect and do not treat CLEAN or APPROVE as a complete security guarantee. Use it alongside manual review or other security checks before installing unknown skills.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill involves running local code, so users should only run the bundled script from a trusted installation and on intended files.
The skill asks the user or agent to execute a bundled local Python script. This is expected for its scanner purpose, but it still means local code runs with the user's normal permissions.
python3 scripts/guard_scanner.py --file <skill-path>
Run it only on skill files you intend to scan, and consider reviewing or sandboxing the helper script before relying on it.
Users may not realize from metadata alone that using the skill depends on running a local Python script.
The metadata does not declare a Python runtime or install requirements even though the skill includes and documents running a Python helper script.
Required binaries (all must exist): none ... No install spec — this is an instruction-only skill. Code file presence: scripts/guard_scanner.py
Confirm python3 is available and that the bundled script is the one being executed.
A user or agent could over-rely on the scanner's approval and skip broader manual review.
The skill presents broad security-assurance language and approval decisions. The provided source shows signature-style pattern checks, so a CLEAN or APPROVE result should not be treated as a complete guarantee.
Universal OpenClaw skill security scanner ... "decision": "APPROVE | WARN | NEUTRALIZE | ISOLATE"
Use this as one screening tool, not as the sole basis for installing or trusting another skill.