ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

inputshield

v1.0.1

Input validation & sanitization scanner -- catches missing validation, unsafe deserialization, ReDoS, path traversal, command injection, and XSS patterns

0· 80·0 current·0 all-time
by@suhteevah

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for suhteevah/inputshield.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "inputshield" (suhteevah/inputshield) from ClawHub.
Skill page: https://clawhub.ai/suhteevah/inputshield
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: git, bash, python3, jq
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install inputshield

ClawHub CLI

Package manager switcher

npx clawhub@latest install inputshield
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name/description (input validation scanner) matches the provided files and runtime behavior: dispatcher, analyzer, pattern definitions, and license checking. Required binaries (git, bash, python3, jq) and the single primary credential (INPUTSHIELD_LICENSE_KEY) are appropriate for local scanning, config parsing, and license validation. The brew install of lefthook is coherent with the described git-hook integration.
Instruction Scope
SKILL.md instructs the agent to run local shell scripts which: discover source files, run grep-based regex patterns, produce reports, and optionally install lefthook hooks. The runtime scripts only read project files and the declared config path (~/.openclaw/openclaw.json) for license lookup. There are no instructions to send data to external endpoints or to read unrelated system credentials. One minor note: license.sh will attempt to run local python/node/jq to parse the OpenClaw config and will accept an env var override for the license key.
Install Mechanism
Install is limited to recommending/using the lefthook brew formula (common git hook manager). There are no downloads from untrusted URLs or archive extraction steps in the provided install spec. The installer copies a lefthook.yml into the repo when hooks are installed, which is expected for pre-commit hook integration.
Credentials
Only one primary credential is required (INPUTSHIELD_LICENSE_KEY) which is justified by the Pro/Team licensing model. The scripts also read the declared config path (~/.openclaw/openclaw.json) to find a stored apiKey. There is an optional CLAWHUB_JWT_SECRET usage inside license validation (only for signature verification) which is not required but harmless when present; it is not listed as required in metadata but its presence only tightens license verification.
Persistence & Privilege
The skill is not always-enabled and is user-invocable (normal). Installing hooks will write/modify lefthook.yml in the repository and run lefthook install — expected behavior. Note: the lefthook hook configuration sources scripts from the skill directory (INPUTSHIELD_SKILL_DIR or ~/.openclaw/skills/inputshield) at commit time; this means the hook will execute whatever code exists at that path when triggered, so ensure the skill install location is trusted and not writable by untrusted parties.
Assessment
What to consider before installing: - The skill appears to be what it claims: a local, grep/regex-based scanner with an optional paid license. The single required secret (INPUTSHIELD_LICENSE_KEY) is proportionate to the license checks. - License handling: the scripts will look in ~/.openclaw/openclaw.json for a stored apiKey and may invoke local python/node/jq to parse that file; if you prefer, set INPUTSHIELD_LICENSE_KEY as an environment variable instead of storing it in config. - Pre-commit hooks: installing hooks will copy/modify lefthook.yml in your repo and run lefthook install. The hooks source the skill scripts from the skill installation directory at commit time — ensure that directory is trusted and not writable by others because hooks execute code from there when you commit. - No telemetry/network calls were found in the provided scripts, but the source is listed as "unknown" in registry metadata; if you do not already trust the publisher, inspect the shipped scripts (dispatcher.sh, analyzer.sh, license.sh, patterns.sh) before running installs or enabling hooks. - Functional note: detection is regex-based and may produce false positives; review findings before taking automated action. If you install, prefer running a one-shot scan first (no hooks) to validate behavior and outputs.
scripts/patterns.sh:259
Shell command execution detected (child_process).
scripts/patterns.sh:270
Dynamic code execution detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🛡️ Clawdis
OSmacOS · Linux · Windows
Binsgit, bash, python3, jq
Primary envINPUTSHIELD_LICENSE_KEY

Install

Install lefthook (git hooks manager)
Bins: lefthook
brew install lefthook
latestvk977q1r4zj9afa1h9qeybc6ped84v8ec
80downloads
0stars
2versions
Updated 1w ago
v1.0.1
MIT-0
macOS, Linux, Windows
@suhteevah
latest
Download

InputShield -- Input Validation & Sanitization Scanner

InputShield scans codebases for missing input validation, unsafe deserialization, ReDoS (Regular Expression Denial of Service), path traversal, command injection, XSS via unsanitized output, and other input handling vulnerabilities. It uses regex-based pattern matching against 90 vulnerability patterns across 6 detection categories, produces markdown reports with actionable remediation recommendations, and integrates with git hooks via lefthook. 100% local. Zero telemetry.

Commands

Free Tier (No license required)

inputshield scan [file|directory]

One-shot input validation scan of files or directories.

How to execute:

bash "<SKILL_DIR>/scripts/dispatcher.sh" --path [target]

What it does:

  1. Accepts a file path or directory (defaults to current directory)
  2. Discovers all source files (skips .git, node_modules, binaries, images, .min.js)
  3. Runs 90 input validation vulnerability detection patterns against each file
  4. Respects .gitignore and exclusion files
  5. Calculates an input safety score (0-100) per file and overall
  6. Grades: A (90-100), B (80-89), C (70-79), D (60-69), F (<60)
  7. Outputs findings with: file, line number, check ID, severity, description, recommendation
  8. Exit code 0 if score >= 70, exit code 1 if score < 70
  9. Free tier limited to first 30 patterns (5 per category)

Example usage scenarios:

  • "Scan my code for input validation issues" -> runs inputshield scan .
  • "Check for XSS vulnerabilities" -> runs inputshield scan src/
  • "Find command injection risks" -> runs inputshield scan .
  • "Audit input handling in my project" -> runs inputshield scan .
  • "Check for ReDoS patterns" -> runs inputshield scan .
  • "Find path traversal vulnerabilities" -> runs inputshield scan src/

Pro Tier ($19/user/month -- requires INPUTSHIELD_LICENSE_KEY)

inputshield scan --tier pro [file|directory]

Full scan with 60 patterns (10 per category).

How to execute:

bash "<SKILL_DIR>/scripts/dispatcher.sh" --path [target] --tier pro --license-key "$INPUTSHIELD_LICENSE_KEY"

What it does:

  1. Validates Pro+ license
  2. Runs expanded pattern set (60 of 90 patterns)
  3. All free tier features plus deeper detection coverage
  4. Unlimited file scanning

inputshield hooks install

Install git pre-commit hooks that scan staged files for input validation issues before every commit.

How to execute:

bash "<SKILL_DIR>/scripts/dispatcher.sh" hooks install

What it does:

  1. Validates Pro+ license
  2. Copies lefthook config to project root
  3. Installs lefthook pre-commit hook
  4. On every commit: scans all staged files, blocks commit if critical/high findings

inputshield hooks uninstall

Remove InputShield git hooks.

bash "<SKILL_DIR>/scripts/dispatcher.sh" hooks uninstall

inputshield report [directory]

Generate a markdown input validation report with findings, severity breakdown, and remediation steps.

bash "<SKILL_DIR>/scripts/dispatcher.sh" report --path [directory]

What it does:

  1. Validates Pro+ license
  2. Runs full scan of the directory
  3. Generates a formatted markdown report from template
  4. Includes per-file breakdowns, input safety scores, remediation priority
  5. Output suitable for security reviews and compliance audits

Team/Enterprise Tier ($39/user/month -- requires INPUTSHIELD_LICENSE_KEY with team tier)

inputshield scan --tier team [file|directory]

Complete scan with all 90 patterns (15 per category).

bash "<SKILL_DIR>/scripts/dispatcher.sh" --path [target] --tier team --license-key "$INPUTSHIELD_LICENSE_KEY"

inputshield audit [directory]

Deep input validation audit with all 90 patterns and verbose output.

bash "<SKILL_DIR>/scripts/dispatcher.sh" audit --path [directory] --verbose

What it does:

  1. Validates Team+ license
  2. Runs all 90 patterns with verbose output
  3. Per-category breakdown with detailed statistics
  4. JSON/HTML output formats available

inputshield scan --category [IV|DS|RD|PT|CI|XS]

Category-specific scan to focus on a single vulnerability class.

bash "<SKILL_DIR>/scripts/dispatcher.sh" --path [target] --category CI

inputshield status

Show license and configuration information.

bash "<SKILL_DIR>/scripts/dispatcher.sh" status

Detection Categories

InputShield detects 90 vulnerability patterns across 6 categories (15 patterns each):

CategoryCodeExamplesSeverities
Input ValidationIVMissing length checks, no type validation, raw user input acceptance, missing allowlist, no boundary checks, unvalidated numeric input, missing null checks, regex-less format validationCritical/High/Medium/Low
DeserializationDSUnsafe JSON.parse, pickle.loads, yaml.load without SafeLoader, Java ObjectInputStream, unvalidated unmarshaling, PHP unserialize, Ruby Marshal.load, .NET BinaryFormatterCritical/High/Medium
ReDoSRDCatastrophic backtracking, nested quantifiers, overlapping alternations, exponential patterns, unbounded repetition on complex groups, evil regex constructsHigh/Medium/Low
Path TraversalPTDirectory traversal (../), unsanitized file paths, user-controlled file access, symlink following, path joining with user input, open() with variables, file inclusionCritical/High/Medium
Command InjectionCIShell exec with user input, eval(), exec(), system() with variables, subprocess with shell=True, os.popen, template injection, child_process.execCritical/High/Medium
XSS/OutputXSinnerHTML with user data, dangerouslySetInnerHTML, document.write, unsanitized template interpolation, missing output encoding, v-html directive, raw HTML renderingCritical/High/Medium/Low

Severity Levels

LevelMeaningScore WeightAction Required
CriticalDirectly exploitable vulnerabilities (RCE, injection)-25 pointsFix immediately -- blocks deployment
HighSerious security risks requiring prompt attention-15 pointsFix in current sprint
MediumPotential vulnerabilities that need review-8 pointsReview and remediate
LowInformational, possible false positives, style issues-3 pointsInvestigate when convenient

Scoring System

InputShield calculates an Input Safety Score from 0 to 100:

  • Score starts at 100 (clean)
  • Each finding deducts points based on severity: critical=25, high=15, medium=8, low=3
  • Score floors at 0 (cannot go negative)
  • Pass threshold: 70 (exit code 0 if >= 70, exit code 1 if < 70)

Letter Grades

GradeScore RangeMeaning
A90-100Excellent -- minimal or no input validation issues
B80-89Good -- minor issues that should be addressed
C70-79Acceptable -- passing threshold, issues need attention
D60-69Poor -- below threshold, significant issues found
F0-59Failing -- critical input validation vulnerabilities detected

Tier-Based Pattern Access

TierPatterns AvailablePer CategoryPrice
Free30 patterns5 per category$0
Pro60 patterns10 per category$19/user/month
Team90 patterns (all)15 per category$39/user/month
Enterprise90 patterns (all)15 per categoryCustom pricing

Configuration

Users can configure InputShield in ~/.openclaw/openclaw.json:

{
  "skills": {
    "entries": {
      "inputshield": {
        "enabled": true,
        "apiKey": "YOUR_LICENSE_KEY_HERE",
        "config": {
          "severityThreshold": "high",
          "ignorePatterns": ["**/test/**", "**/fixtures/**", "**/*.test.*"],
          "ignoreChecks": [],
          "reportFormat": "markdown",
          "categories": ["IV", "DS", "RD", "PT", "CI", "XS"]
        }
      }
    }
  }
}

Output Formats

InputShield supports three output formats via --format:

  • text (default) -- Colorized terminal output with severity badges
  • json -- Structured JSON output for CI/CD integration
  • html -- HTML report with severity highlighting and category charts

Important Notes

  • Free tier works immediately with no configuration (30 patterns, 5 per category)
  • All scanning happens locally -- no code is sent to external servers
  • License validation is offline -- no phone-home or network calls
  • Pattern matching only -- no AST parsing, no external dependencies beyond bash
  • Supports scanning all file types in a single pass
  • Git hooks use lefthook which must be installed (see install metadata above)
  • Exit codes: 0 = pass (score >= 70), 1 = fail (score < 70, for CI/CD integration)
  • All regex patterns use POSIX ERE syntax compatible with grep -E

Error Handling

  • If lefthook is not installed and user tries hooks install, prompt to install it
  • If license key is invalid or expired, show clear message with link to https://inputshield.pages.dev/renew
  • If a file is binary, skip it automatically with no warning
  • If no scannable files found in target, report clean scan with info message
  • If --category specifies an invalid category, show available categories

When to Use InputShield

The user might say things like:

  • "Scan my code for input validation issues"
  • "Check for XSS vulnerabilities"
  • "Find command injection risks in my project"
  • "Audit input handling"
  • "Check for ReDoS patterns"
  • "Find path traversal vulnerabilities"
  • "Scan for unsafe deserialization"
  • "Check if my code sanitizes user input"
  • "Find missing input validation"
  • "Detect SQL injection and command injection"
  • "Check for unsafe eval usage"
  • "Scan for innerHTML XSS risks"
  • "Find pickle.loads and yaml.load issues"
  • "Generate an input validation report"
  • "Set up pre-commit hooks for input validation"
  • "Run a security scan focused on input handling"

Comments

Loading comments...