skill-audit
PassAudited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill Name: openclaw-skill-audit Version: 1.0.2 The skill is a legitimate security auditing tool designed to perform static analysis on other OpenClaw skill bundles. The Python script (scripts/scan_skill.py) implements a comprehensive scanner using regex and AST analysis to detect prompt injection, data exfiltration patterns, and dangerous code execution (e.g., eval, exec, subprocess). The instructions in SKILL.md are defensive, directing the AI agent to act as a security gatekeeper during the installation of new skills. No malicious intent, hidden exfiltration, or unauthorized access patterns were found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Skill installs may take an extra scanning step before the agent reports success.
This instruction changes the agent’s normal install workflow by requiring the scanner to run after skill installation. It is disclosed and purpose-aligned, but users should know it can trigger automatically in that context.
When the clawhub skill is used to install a new skill, ALWAYS run skill-audit on the installed skill BEFORE confirming success to the user.
Allow this behavior only if you want an automatic pre-install or post-install security check for skills.
If approved with the wrong path, a deletion command could remove more than intended.
The skill documents a destructive shell command to remove a flagged skill folder. It is scoped to the skill path and requires user confirmation, but path verification matters.
If user confirms deletion: `rm -rf <skill-path>`
Before confirming deletion, check that the path points only to the intended skill folder.
The skill depends on a local Python runtime even though that dependency is not declared in the requirements section.
The skill relies on running a bundled Python helper, while the registry requirements declare no required binaries and there is no install spec. The helper is present in the manifest, so this is an under-declaration note rather than a concern.
python3 {baseDir}/scripts/scan_skill.py <path-to-installed-skill> --jsonEnsure python3 is available and review the bundled script if using this in a sensitive environment.