Agent Skills Tools
Pass. Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: agent-skills-tools
Version: 0.1.0

This skill is designed as a security audit tool for other OpenClaw skill packages. The `skill-security-audit.sh` script uses standard command-line tools (`find`, `grep`, `git log`) to analyze the contents and Git history of a target skill directory for common vulnerabilities like hardcoded credentials, dangerous file access patterns, and network requests. All operations are read-only and confined to the specified target directory. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the agent in SKILL.md that would deviate from its stated purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent or user points it at a broad private directory instead of a skill package, file paths and matching lines from more local files could be shown in the audit output.
The scanner recursively inspects a user-supplied or default current directory and can inspect Git history; this is intended for auditing skills, but scope depends entirely on the path used.
SKILL_DIR="${1:-.}" ... find "$SKILL_DIR" ... git -C "$SKILL_DIR" log --all -S "api_key"
Run it only on the specific skill package you intend to audit, and avoid using home directories or unrelated project roots as the target.
Real secrets in a scanned package could become visible in the agent transcript or logs while reviewing the audit results.
When the audit finds credential-like strings, it prints matching lines to the output instead of redacting the secret value.
CREDENTIAL_LEAKS=$(find "$SKILL_DIR" ... grep ...); ... echo "$CREDENTIAL_LEAKS"
Treat audit output as sensitive; redact matched values before sharing, or modify the scanner to mask secret values by default.
Users have less publisher/project context to rely on and should base trust on reviewing the included files.
The package has limited external provenance information, although the included script is small and fully visible in the provided artifacts.
Source: unknown; Homepage: none; Install specifications: No install spec — this is an instruction-only skill.
Review the visible script before running it and prefer verified publisher/source links when available.
