Argus — Code Intelligence Scanner
PassAudited by VirusTotal on May 9, 2026.
Overview
Type: OpenClaw Skill Name: argus1 Version: 1.0.1 The 'argus1' skill is a local static analysis tool designed to scan Python and JavaScript codebases for security vulnerabilities and bugs using regular expressions. The code in SKILL.md performs file system operations consistent with its stated purpose, such as reading source files and writing reports locally, without any evidence of data exfiltration, network communication, or malicious intent.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run from a broad directory, it may inspect and report on more local code than the user intended.
The scanner can recursively inspect local source files from the current directory by default. This is expected for a code scanner, but users should ensure the directory is intentionally scoped.
description: "Path to a .py or .js file, or a directory to scan recursively. Defaults to current directory."
Set SOURCE_PATH to the specific project or file you want scanned, and avoid running it from your home directory or other broad private locations.
Installing this way could affect the system Python environment or pick up a future package version with different behavior.
The setup step installs an unpinned external Python package and uses --break-system-packages, which can modify the system-managed Python environment. The step is disclosed and user-directed, so this is a supply-chain/environment note rather than evidence of malicious behavior.
pip3 install rich --break-system-packages --quiet
Install dependencies in a virtual environment, avoid --break-system-packages where possible, and consider pinning the Rich package version.