Skill Scanner
v0.1.2Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.
⭐ 24· 15.1k·145 current·149 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description match the code: this is a local static scanner that searches files for malicious patterns and offers a Streamlit UI. It does not request credentials or binaries unrelated to its purpose. However the skill's origin is unknown (no homepage) and README suggests cloning from a GitHub repo; validate the upstream source before installing.
Instruction Scope
Runtime instructions and code limit activity to reading the target skill folder (or uploaded files) and producing a report; the scanner performs regex-based pattern matching and the Streamlit UI writes uploaded files to a temporary directory for scanning. It does not appear to execute scanned code or access system credential files directly. Still, the SKILL.md/README emphasize scanning for access to credential paths (they detect strings like '~/.ssh' in code) — ensure you do not point the scanner at real secret stores, and avoid uploading sensitive files to the web UI.
Install Mechanism
No install spec provided (instruction-only skill with included Python files). That is low-risk from an install perspective — nothing is downloaded or extracted by an automated installer. The Streamlit UI is optional and requires you to pip-install streamlit yourself.
Credentials
The skill requests no environment variables or credentials. The scanner flags patterns that would indicate credential/file access in scanned code, but the scanner itself does not request or require secrets.
Persistence & Privilege
always=false and the skill does not request persistent system changes. The code writes uploaded content to a temporary directory only and does not modify other skills or system configuration according to the reviewed files.
What to consider before installing
This package appears to implement a local static scanner and a Streamlit UI that scans only the files you provide. Before installing or running it, do the following: 1) Verify the source/author — the registry metadata shows no homepage and the origin is unknown; prefer code from a trusted repo. 2) Inspect the full skill_scanner.py and streamlit_ui.py (the provided copy was truncated in places) to confirm there is no hidden behavior (network calls, code execution, auto-update). 3) Do not point the scanner at real secret stores or upload sensitive files to the web UI — it only looks for strings/patterns in files, but uploading sensitive data to a web UI increases exposure. 4) Run it in a sandbox or VM first and test on harmless sample skills to validate false-positive/negative behavior. 5) Note minor implementation issues (the UI references a format_markdown method and truncated code made it impossible to confirm all functions) — fix or review those before relying on automated CI gating. If you want higher assurance, ask the publisher for a canonical repo URL, full source, and a reproducible build or have a security-savvy reviewer audit the complete code.Like a lobster shell, security has layers — review code before you run it.
latestvk978s9d7k6hvnw654jte7k23318057wk
License
MIT-0
Free to use, modify, and redistribute. No attribution required.