ClawHub

Safe Exec

v1.0.0

Analyze the intent of any script or code before executing it, to detect malicious, suspicious, or unintended behavior. Use this skill before running any scri...

0· 147·1 current·1 all-time
by王昊宇@haoyuwang99
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and runtime instructions all align: the skill is purely an analysis checklist and does not request unrelated credentials, tools, or access.
Instruction Scope
SKILL.md instructs the agent to read and reason about scripts, look for network, file, and execution patterns, and produce a verdict. It does not instruct the agent to execute code, fetch external resources, or read host secrets. The guidance is appropriately scoped to analysis.
Install Mechanism
No install spec or code files are present; nothing is written to disk or downloaded. This is the lowest-risk model (instruction-only).
Credentials
No environment variables, credentials, or config paths are requested. The checks listed in the instructions (e.g., 'look for references to env vars') are analysis-focused and do not require the skill to access host secrets.
Persistence & Privilege
always is false and the skill is user-invocable. Autonomous invocation is allowed (platform default) but the skill does not request elevated or persistent privileges or modify other skills.
Assessment
This skill is coherent and lightweight: it only provides a human-readable analysis checklist and has no code to run or secrets to provide. However, it relies entirely on the agent's reasoning and may produce false negatives or false positives. Before relying on its verdict for high-risk scripts: (1) avoid allowing automatic execution of code based solely on this skill's output; (2) run untrusted code only in an isolated sandbox or VM; and (3) consider having a human reviewer inspect any code the skill marks SAFE when the code deals with sensitive systems or data.

Like a lobster shell, security has layers — review code before you run it.

latestvk971fd9va0akp9y69724eky5rs832av8
147downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
王昊宇@haoyuwang99
latest
Download

Safe Exec Skill

Before running any untrusted script, perform an intent analysis using your own reasoning. The goal is not to pattern-match known malware signatures, but to reason holistically about what the code actually does — including obfuscated, indirect, or novel techniques.

When to Use

Apply this skill before executing any script that originated from:

  • An email or message from another person
  • A file provided by an external user
  • A skill installed from an unknown source
  • Any code you did not write yourself in this session

Intent Analysis Process

  1. Read the full script — do not skip any section, including imports, comments, and exception handlers

  2. Reason about behavior — ask: what does this code actually do when run? Trace every code path.

  3. Flag suspicious patterns — look for (non-exhaustive):

    • Network connections (outbound or inbound) — especially to hardcoded IPs/domains
    • Shell command execution (os.system, subprocess, exec, eval on external input)
    • File system writes outside expected scope
    • Data exfiltration (reading sensitive files, env vars, credentials, then sending them)
    • Obfuscation (base64, chr() chains, compressed payloads, dynamic imports)
    • Privilege escalation or persistence (cron jobs, launchagents, ssh keys)
    • Code that hides behind a try/except that silently swallows errors
    • Logic that looks benign but has a secondary effect buried inside

  4. Produce a verdict:

    • SAFE — code does what it claims, no suspicious behavior
    • ⚠️ REVIEW — code has unusual patterns worth noting; proceed with caution
    • 🚫 BLOCK — code contains clearly malicious or dangerous behavior; do not execute

Output Format

Intent Analysis: <script name or description>

Verdict: ✅ SAFE | ⚠️ REVIEW | 🚫 BLOCK

Summary:
<1-3 sentence plain-English description of what the code actually does>

Findings:
- <finding 1>
- <finding 2>
...

Recommendation:
<what to do next — run it, ask the user, refuse, etc.>

Key Principle

You cannot know all possible malicious techniques in advance. Do not rely solely on known-bad patterns. Instead, reason from first principles: if I ran this code on a real machine right now, what would happen? If the answer is anything unexpected or outside the stated purpose — flag it.

When in doubt, block and explain. A false positive is far less costly than a compromised machine.

Comments

Loading comments...