ClawHub

claw skill security audit

v1.0.0

Conduct comprehensive security audits and vulnerability analysis on codebases. Use when explicitly asked for security analysis, code security review, vulnerability assessment, SAST scanning, or identifying security issues in source code. Covers injection flaws, broken access control, hardcoded secrets, insecure data handling, authentication weaknesses, LLM safety, and privacy violations.

1· 2.2k·15 current·15 all-time
by@kylehuan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (security audits, SAST, prompt-injection checks) align with the delivered content: SKILL.md and two reference files provide detection patterns and checklists. No unrelated binaries, env vars, or installs are requested.
Instruction Scope
Overall the runtime guidance stays within the stated purpose (read-only analysis, detection checklists, do-not-exfiltrate guidance). Minor inconsistency: the doc emphasizes 'Read-only operations only' and 'DO NOT write/modify/delete files', but also says 'Store artifacts in .shield_security/ directory' — that implies writing files when artifacts are produced. This is a small scope/behavior ambiguity that should be clarified before use (when is writing allowed, and who authorizes it).
Install Mechanism
Instruction-only skill with no install spec and no code files — minimal disk footprint and no external downloads. This is the lowest-risk install model.
Credentials
The skill requests no environment variables, no credentials, and no config paths. That is proportionate for a guidance-only audit skill.
Persistence & Privilege
always:false, user-invocable:true, and no instructions that attempt to persist or modify system/agent-wide configuration. The references discuss persistence risks as warnings rather than attempting them.
Scan Findings in Context
[ignore-previous-instructions] expected: The phrase appears as an example of a dangerous pattern in the doc's checklist (i.e., 'Ignore all previous instructions...') — this is a legitimate warning/example, not an active directive instructing the agent to override safety.
[unicode-control-chars] expected: The reference material explicitly demonstrates zero-width/unicode-hiding techniques (example lines contain zero-width characters). These are included as detection examples; reviewers should still decode files to verify no accidental hidden instructions outside the examples.
Assessment
This skill is a coherent, instruction-only security-audit guide and appears safe to install in principle. Before using it: (1) Decide whether you want the agent to create artifact files — clarify/limit writes to .shield_security/ or run in a sandboxed directory, since the doc mixes 'read-only' with storing artifacts. (2) Manually scan the SKILL.md and reference files for any hidden unicode or encoded content (the docs include examples with zero-width chars). (3) When running analysis on sensitive repositories, keep the agent's filesystem/network permissions restrictive (no outbound uploads, no access to cloud credentials or secrets). (4) Do not provide real API keys or credentials to the agent; use masked or redacted test data. (5) If you want stronger assurance, run the skill in an isolated environment first and audit any produced artifacts before allowing broader access.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dk7g76jvex64zw0pwnketcd80kbtn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments