Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Skillguard

v1.0.0

Run a complete security audit on any OpenClaw SKILL.md in one call. Combines malware scanning (SkillScan), permission scope analysis (ScopeCheck), and prompt...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the code: the service runs three checks (SkillScan, ScopeCheck, PromptGuard) and returns a unified verdict. It only requires Python and common web-framework packages, which is proportionate for a local audit server.
Instruction Scope
SKILL.md instructs running a local uvicorn server and POSTing SKILL.md content; there are no instructions to read arbitrary host files or request unrelated credentials. The example uses 'cat path/to/SKILL.md' which is user-driven and not automatic.
Install Mechanism
Registry install metadata lists a generic 'uv' entry, while the SKILL.md metadata specifies pip packages (fastapi, uvicorn, pydantic, pyyaml). The package files in the bundle do not include the dependent 'products.*' modules the code imports, so the runtime will rely on platform-provided modules or additional installs. That mismatch is a risk: it is unclear what additional code will be present at runtime and whether it will be pulled from remote sources.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The code does not itself read environment variables or secrets.
Persistence & Privilege
The 'always' flag is false, the skill does not request permanent inclusion or system-wide configuration changes, and there are no instructions to modify other skills or agent settings.
What to consider before installing
This skill appears to do what it says: start a local server and analyze SKILL.md content. The main concerns are (1) the bundle does not include the 'products.skillscan', 'products.scopecheck', and 'products.promptguard' modules that the code imports — you need to verify where those come from and what they do at runtime, and (2) the registry-level install spec is incomplete compared to the SKILL.md metadata, so confirm the actual install steps. Before installing or running this on sensitive machines: review the implementations (or platform-provided sources) of the three product modules to ensure they do not send submitted SKILL.md content to external services or log it to remote endpoints, and ensure the pip install list is explicit and comes from trusted package sources. If you cannot inspect or verify those modules, treat the skill as untrusted and run it only in an isolated environment.


Runtime requirements

Clawdis
Bins: python

Install

uv
