ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Skill Guard

Skill Security Scanner - Scan for risks before download/use. Use when: installing unknown skills, evaluating third-party code, or security auditing. / Skill安...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 39 · 0 current installs · 0 all-time installs
by@HuaiBuer
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included code: the Python module implements a pattern-based static scanner that walks a given path and searches files for suspicious tokens. Required binary (python3) is appropriate and proportional.
Instruction Scope
The SKILL.md usage shows an inspect_remote function and a RISK_PATTERNS dict that are not present in the code (the code provides scan() and check(), and RISK_PATTERNS is a list of tuples). The runtime instructions otherwise only ask you to run the scanner locally; the scanner only reads files under the provided path and does not transmit data externally.
Install Mechanism
There is no install spec that downloads external code; the repository is instruction-only with an included Python file. Nothing in the bundle writes or installs arbitrary binaries from remote URLs.
Credentials
The skill requests no environment variables or credentials. However, when you point the scanner at a directory it will read files there — so do not scan sensitive system or home directories unless intended (e.g., scanning /home/user can read files like .aws/credentials if present). This is expected for a local scanner but worth remembering.
Persistence & Privilege
Skill does not request persistent privileges, does not set always:true, and does not modify other skills or system-wide configuration. It only reads files within the supplied path.
Assessment
This appears to be a straightforward local static scanner that looks for suspicious tokens in files. Before using: (1) note that the SKILL.md and code are slightly out of sync (inspect_remote is documented but not implemented); (2) run the scanner only on the directories you intend — it will read file contents in the path you give it (don’t point it at your entire home or root unless you want those files examined); (3) expect false positives and false negatives — this is a heuristic pattern matcher, not a full taint-analysis engine; (4) because it’s local and includes no networking, it won’t exfiltrate data by itself, but always review the scanner’s source yourself if you plan to rely on its results. If you want remote inspection functionality, ask the author for an updated implementation or documentation.
skill_guard.py:29
Dynamic code execution detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.3.0
Download zip
latestvk978jvc1hr9yzrgdnbewj0yzzd8312r8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🛡️ Clawdis
Binspython3

SKILL.md

🛡️ Skill Guard / 安全检查

Security scanner for AI Skills. Check code safety before install or use.

When to Use / 使用场景

ENCN
Installing unknown skills安装未知来源的skill
Evaluating third-party code评估第三方代码
Security auditing安全审计
Before running untrusted code运行不受信任的代码前

Risk Categories / 风险类型

CategoryENCNSeverity
Code Execution代码执行🔴 Critical
File Deletion文件删除🔴 Critical
Command Injection命令注入🔴 Critical
Credential Leak凭证泄露🟠 High
Network Request网络请求🟠 High
Data Theft窃取数据🔴 Critical
Induce Transfer诱导转钱🔴 Critical
Virus/Backdoor病毒/后门🔴 Critical

Usage / 使用

# Scan local skill / 扫描本地skill
python3 -c "from skill_guard import scan; print(scan('/path/to/skill'))"

# Inspect remote / 检查远程
python3 -c "from skill_guard import inspect_remote; print(inspect_remote('skill-name'))"

Risk Patterns / 风险模式

RISK_PATTERNS = {
    'code_execution': ['exec(', 'eval(', 'compile(', '__import__'],
    'file_deletion': ['rm -rf', 'shutil.rmtree', 'os.remove'],
    'command_injection': ['subprocess', 'os.system', 'shell=True'],
    'credential_leak': ['password', 'api_key', 'token', 'secret'],
    'data_theft': ['/etc/passwd', '~/.ssh', 'clipboard'],
    'induce_transfer': ['alipay', 'bank_card', 'payment'],
    'virus_backdoor': ['ransomware', 'miner', 'backdoor'],
}

Installation / 安装

npx clawhub install skill-guard-waai

Author / 作者

  • WaaiOn

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…