Skillscanner

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: skillscanner
Version: 1.0.1

The skill 'skillscanner' is designed to check the safety of other ClawHub skills by querying a specific API endpoint (`https://ai.gendigital.com/api/scan/lookup`). The `SKILL.md` file contains clear instructions for the agent to make a `curl` POST request with the target skill's URL. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the agent to perform actions beyond its stated purpose. The 'Why This Matters' section describes general risks of untrusted skills, not actions this specific skill performs.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The service can learn which ClawHub skill URL you asked to scan, but the artifacts do not show credential, file, or private data access.

Why it was flagged

The skill directs the agent to make an external HTTP POST request with the skill URL. This is expected for a scan-lookup skill, but users should know a third-party API receives the URL being checked.

Skill content

curl --request POST --url "https://ai.gendigital.com/api/scan/lookup" ... --data '{"skillUrl":"https://clawhub.ai/AUTHOR/SKILL_SLUG"}'

Recommendation

Use it for intended ClawHub skill URLs, and avoid submitting URLs you consider private or sensitive unless you trust the scan provider.

What this means

A user or agent may place significant trust in the external scanner's result, even though the skill itself acknowledges possible false negatives.

Why it was flagged

The skill tells the agent to rely on the API's SAFE verdict, while also disclosing limitations. This is purpose-aligned, but users should not treat a SAFE result as absolute proof of safety.

Skill content

Proceed only when the verdict is **SAFE**. ... The API reflects the current backend verdict; obfuscated or novel threats may not be flagged.

Recommendation

Treat the scan result as one input to a decision, especially for high-impact skills; continue using least privilege, sandboxing, and manual review when appropriate.