OSV Scanner
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: osv-scanner
Version: 1.0.0
The skill bundle is classified as suspicious on two indicators. First, `SKILL.md` and `README.md` explicitly instruct the user to rename `template/ScanResult.txt` to `template/ScanResult.xlsx`. `ScanResult.txt` is not a text file but a ZIP archive (an XLSX workbook carrying a `.txt` extension), and shipping a binary under a misleading extension is a pattern that can be used to evade file-type filters. Second, `scanner.py` runs system commands (`lsb_release`, `dpkg-query`) through `subprocess.run` with `shell=True`. The command strings are hardcoded, so this is not directly exploitable as written, but `shell=True` means every argument is re-parsed by the shell; if any part of the command string ever became user-controlled or untrusted, it would become a shell-injection vector.
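The check a reviewer would want before following the rename instruction is whether `template/ScanResult.txt` really is only a spreadsheet. The following is an added example written for this review, not code from the osv-scanner skill: it classifies a file by its bytes (ZIP magic, then the members every OOXML workbook must contain) and lists archive members that a plain spreadsheet would not carry, such as a top-level script or `xl/vbaProject.bin`. The sample archives are constructed in memory; the path `template/ScanResult.txt` used in the usage line is the one named on this page.

```python
import io
import zipfile

ZIP_MAGIC = b"PK\x03\x04"
# Members present in every OOXML spreadsheet; their presence is what makes a ZIP an XLSX.
XLSX_REQUIRED = ("[Content_Types].xml", "xl/workbook.xml")
# Paths a plain spreadsheet package is expected to contain; anything else deserves a look.
XLSX_EXPECTED_PREFIXES = ("[Content_Types].xml", "_rels/", "docProps/", "xl/", "customXml/")


def classify_bytes(data: bytes) -> str:
    """Classify by content, ignoring the file name: 'text', 'zip', 'xlsx' or 'zip-corrupt'."""
    if not data.startswith(ZIP_MAGIC):
        return "text"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = set(zf.namelist())
    except zipfile.BadZipFile:
        return "zip-corrupt"  # PK header, but no readable central directory
    return "xlsx" if all(m in names for m in XLSX_REQUIRED) else "zip"


def unexpected_members(data: bytes) -> list[str]:
    """Archive members outside the usual spreadsheet layout (scripts, macros, stray binaries)."""
    if classify_bytes(data) in ("text", "zip-corrupt"):
        return []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return sorted(
            n for n in zf.namelist()
            if not n.startswith(XLSX_EXPECTED_PREFIXES) or n == "xl/vbaProject.bin"
        )


def rename_to_xlsx_is_consistent(data: bytes) -> bool:
    """True when renaming to .xlsx only makes the suffix match what the bytes already are."""
    return classify_bytes(data) == "xlsx" and not unexpected_members(data)


def inspect_file(path: str) -> dict:
    with open(path, "rb") as fh:
        data = fh.read()
    return {
        "kind": classify_bytes(data),
        "unexpected": unexpected_members(data),
        "rename_ok": rename_to_xlsx_is_consistent(data),
    }


# Constructed sample data (not taken from the skill bundle): a minimal valid XLSX package.
SAMPLE_XLSX_MEMBERS = {
    "[Content_Types].xml": "<Types/>",
    "_rels/.rels": "<Relationships/>",
    "xl/workbook.xml": "<workbook/>",
    "xl/worksheets/sheet1.xml": "<worksheet/>",
}


def build_archive(members: dict) -> bytes:
    """Build an in-memory ZIP from a {name: content} mapping (test fixture helper)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, content in members.items():
            zf.writestr(name, content)
    return buf.getvalue()


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "template/ScanResult.txt"
    print(inspect_file(target))
```

Run it against the bundle's `template/ScanResult.txt` before renaming: a result of `kind: xlsx` with an empty `unexpected` list means the rename is cosmetic; any extra member is the thing to open and read.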
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Google OSV can receive a list of the packages and versions being scanned, which may reveal details about a project or system.
The scanner sends package names, ecosystems, and versions to https://api.osv.dev/v1/query. This is disclosed and central to vulnerability scanning, but it means dependency or OS package inventory is shared with an external provider.
payload = {"version": version, "package": {"name": name, "ecosystem": ecosystem}} ... requests.post(url, json=payload)
Only scan projects or hosts where sharing package/version inventory with OSV is acceptable; use a private or offline scanner for sensitive environments.
Running the OS mode lets the scanner inspect the machine’s installed package list.
In OS-scan mode, the script runs fixed local shell commands to detect the Linux distribution and list installed packages. The commands are not built from user-controlled input and match the skill's stated purpose, but they are still local command execution through a shell (`shell=True`), so the pipeline `grep`/`awk` stages run as well.
subprocess.run("lsb_release -a | grep 'Distributor ID' | awk '{print $3}'", shell=True, ...)
subprocess.run("dpkg-query -W -f='${binary:Package} ${Version}\\n'", shell=True, ...)
Use the OS-scan mode only on machines you intend to inventory, and review the command before running `python3 scanner.py os`.
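The two findings above (the OSV query payload and the `shell=True` commands) can be demonstrated together. The following is an added example written for this review, not the skill's `scanner.py`: it collects the same OS inventory with an argv list and no shell, moves the `grep`/`awk` filtering into Python, builds the same `/v1/query` payload shape the skill sends, and keeps the network call in its own function so the inventory step can be reviewed offline. The `lsb_release` and `dpkg-query` outputs in the test are constructed samples, and the ecosystem string passed in (for example `Ubuntu:22.04`) is an assumption that must match the name OSV uses for the host's distribution.

```python
import json
import subprocess
import urllib.request

OSV_QUERY_URL = "https://api.osv.dev/v1/query"
# Same format string the skill hands to dpkg-query; dpkg expands the "\n" itself, no shell needed.
DPKG_SHOWFORMAT = "${binary:Package} ${Version}\\n"


def run_fixed(argv: list[str]) -> str:
    """Run a fixed argv without a shell, so nothing in the arguments is re-parsed as shell syntax."""
    return subprocess.run(argv, capture_output=True, text=True, check=True).stdout


def parse_distributor_id(lsb_output: str):
    """Replaces `grep 'Distributor ID' | awk '{print $3}'` with an exact key match."""
    for line in lsb_output.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() == "Distributor ID":
            return value.strip()
    return None


def parse_dpkg_list(dpkg_output: str) -> list[tuple[str, str]]:
    """Parse 'name version' lines; malformed or blank lines are dropped, not forwarded to OSV."""
    packages = []
    for line in dpkg_output.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue
        packages.append((parts[0], parts[1]))
    return packages


def osv_query_payload(name: str, version: str, ecosystem: str) -> dict:
    """Same request body shape the skill posts to /v1/query."""
    return {"version": version, "package": {"name": name, "ecosystem": ecosystem}}


def build_queries(packages, ecosystem: str) -> list[dict]:
    """One payload per installed package; this list is exactly what leaves the host."""
    return [osv_query_payload(name, version, ecosystem) for name, version in packages]


def query_osv(payload: dict) -> dict:
    """Network call kept separate so callers can review the payloads before sending any."""
    req = urllib.request.Request(
        OSV_QUERY_URL,
        data=json.dumps(payload).encode(),
        headers={"Content-Type": "application/json"},
    )
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def inventory_host(ecosystem: str):
    """Collect distro and package list with argv lists; returns (distributor_id, query payloads)."""
    distro = parse_distributor_id(run_fixed(["lsb_release", "-a"]))
    packages = parse_dpkg_list(run_fixed(["dpkg-query", "-W", "--showformat=" + DPKG_SHOWFORMAT]))
    return distro, build_queries(packages, ecosystem)


if __name__ == "__main__":
    # Ecosystem name is assumed; adjust to the OSV ecosystem of the host being inventoried.
    distro, queries = inventory_host("Ubuntu:22.04")
    print(distro, len(queries), "packages would be sent to", OSV_QUERY_URL)
```

Printing the payload count (or the payloads themselves) before calling `query_osv` is the practical form of the recommendation above: the operator sees what inventory would leave the host and can stop there on a sensitive machine.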
Future installs may pull different dependency versions, which can affect reproducibility or inherit upstream package risk.
The setup instructions install dependencies without pinned versions or a lockfile. This is normal for a small Python utility, but it relies on whatever package versions are available from the package index at install time.
pip install requests openpyxl
Install in a virtual environment and consider using pinned versions or a reviewed requirements file before relying on the scanner.
