ClawHub

Openclaw Skill Scanner

v1.0.2

Security gate for OpenClaw AgentSkills. Scans folder/ClawHub skills with cisco-ai-defense/skill-scanner before installation. Supports manual scans, staged in...

2· 1k· 5 versions· 1 current· 1 all-time· Updated 7h ago· MIT-0
byJason O'Neal@jason-allen-oneal

Security Scans

VirusTotalBenignClawScanBenignStatic analysisBenign

Install

openclaw skills install skill-scanner-guard

Skill Scanner Guard

Harden OpenClaw’s skill supply chain:

  • Scan skills with cisco-ai-defense/skill-scanner
  • Block only on High/Critical
  • Allow Medium/Low/Info but warn
  • Auto-scan on changes to ~/.openclaw/skills
  • Quarantine failing skills to ~/.openclaw/skills-quarantine

Quick start

Install skill-scanner (repo + uv env)

cd "$HOME/.openclaw/workspace"
# or wherever you keep repos

git clone https://github.com/cisco-ai-defense/skill-scanner
cd skill-scanner
CC=gcc uv sync --all-extras

Note: some environments try gcc-12 while building yara-python; forcing CC=gcc avoids that.

Workflows

1) Scan all user skills (manual)

User skills live at:

  • ~/.openclaw/skills

Run:

$HOME/.openclaw/skills/skill-scanner-guard/scripts/scan_openclaw_skills.sh

Outputs go to:

  • /home/rev/.openclaw/workspace/skill_scans/

2) Install a folder skill with scan gate (copy/clone workflow)

Use the wrapper instead of copying directly:

$HOME/.openclaw/skills/skill-scanner-guard/scripts/scan_and_add_skill.sh /path/to/skill-dir

Policy:

  • Block only if High/Critical exist (unless --force)
  • Still installs if only Medium/Low/Info exist, but prints a warning summary

3) Install from ClawHub with scan gate (staging install)

Install to a staging dir, scan, then copy into ~/.openclaw/skills only if allowed:

$HOME/.openclaw/skills/skill-scanner-guard/scripts/clawhub_scan_install.sh <slug>
# optionally
$HOME/.openclaw/skills/skill-scanner-guard/scripts/clawhub_scan_install.sh <slug> --version <version>

4) Auto-scan + quarantine on change (systemd user units)

Install the units (templates are in references/):

mkdir -p ~/.config/systemd/user
cp -a "$HOME/.openclaw/skills/skill-scanner-guard/references/openclaw-skill-scan."* ~/.config/systemd/user/

systemctl --user daemon-reload
systemctl --user enable --now openclaw-skill-scan.path

Behavior:

  • Any change under ~/.openclaw/skills/ triggers scripts/auto_scan_user_skills.sh
  • If High/Critical findings exist, the script moves failing skill directories to: ~/.openclaw/skills-quarantine/<skillname>-<timestamp>
  • Reports are written to: /home/rev/.openclaw/workspace/skill_scans/auto/

Inspect:

systemctl --user status openclaw-skill-scan.path
journalctl --user -u openclaw-skill-scan.service -n 100 --no-pager
ls -la ~/.openclaw/skills-quarantine

Bundled resources

scripts/

  • scan_openclaw_skills.sh: generate markdown reports for user + bundled skills
  • scan_and_add_skill.sh: scan candidate folder skill; install only if allowed
  • clawhub_scan_install.sh: stage-install from ClawHub, scan, then install
  • auto_scan_user_skills.sh: scan-all on ~/.openclaw/skills changes; quarantine High/Critical failures

references/

  • openclaw-skill-scan.path / openclaw-skill-scan.service: systemd --user path trigger units

Version tags

latestvk97aparfhw0js5ff432htrhbvd81qrk8