Skill Security Scanner by dxx
v1.0.0
Scan installed OpenClaw skills for potential security risks. Use when you want to check if skills contain dangerous commands, access sensitive paths, or have...
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name and description match the behavior: the code scans ~/.openclaw/workspace/skills for dangerous commands, sensitive paths, and network-call patterns. The requested resources (none) are what a purely local scanner needs.
Instruction Scope
SKILL.md instructs the agent to run the included Python script from the skills directory, which is consistent with the stated purpose. The scanner reads every non-ignored file under the skills tree (so it may read files that contain secrets), and it ignores some document filetypes; these are implementation choices that can produce false negatives or false positives, but they are not scope creep.
Install Mechanism
No install spec; the skill consists of instructions plus a script only. No installer step downloads anything or writes to disk beyond the existing skill files.
Credentials
No environment variables, credentials, or config paths are requested. The scanner only looks for sensitive path strings in other skills' files; it does not attempt to read external secrets or ask for unrelated credentials.
Persistence & Privilege
always:false and user-invocable:true (normal). The skill does not modify other skills or global agent settings; it simply reads files under the skills directory.
Assessment
This script appears to be a straightforward local scanner. Before running it, inspect skill_scan.py yourself (you already have the source) and confirm it contains no network calls or code-execution paths (it does not). Run it in a safe/test environment if any skills contain sensitive secrets, since the scanner will read files under ~/.openclaw/workspace/skills. If you use it regularly, consider improving false-positive handling and binary detection, and avoid trusting scanner output as a replacement for manual review of flagged files.
Like a lobster shell, security has layers — review code before you run it.
Tags: latest, safety, scan, security, skill
Skill Security Scan
Scan installed OpenClaw skills and detect potential security risks.
Features
- 🔍 Scan all installed skills
- ⚠️ Detect dangerous commands (rm -rf /, fork bombs, etc.)
- 🔒 Check for sensitive path access
- 🌐 Check the safety of network requests
- 📊 Generate a risk report
Usage
```bash
# Run the security scan
python3 ~/.openclaw/workspace/skills/skill-security-scan/skill_scan.py
```
Checks
High risk
- `rm -rf /`: deletes the root directory
- `rm -rf ~`: deletes the user's home directory
- Fork bomb
- Direct writes to a disk device
Medium risk
- Access to sensitive paths (/etc/passwd, ~/.ssh/, etc.)
- Use of eval/exec
Low risk
- Network requests without SSL verification
- Use of os.system/subprocess
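As an added example (not the skill's own skill_scan.py, which this page does not reproduce), the script below turns the three tiers listed above into regular-expression rules, walks a skills tree, skips binary files, and excludes its own source so that its rule table does not flag itself. Unlike the skill described in the scan report, it also reads SKILL.md and other document files, because instructions an agent follows can be as risky as a script. The rule set, the default root path, the extra /etc/shadow path and the SAMPLE_SKILL text are assumptions constructed for illustration.

```python
"""Added example: a minimal skills-tree risk scanner (not the skill's skill_scan.py).

Flags lines matching three tiers: high (destructive shell commands), medium
(sensitive paths, eval/exec), low (TLS verification off, shell-outs).
The rule set and default root are assumptions chosen for illustration.
"""
import os
import re
import sys
from dataclasses import dataclass

# Signatures per tier: (compiled regex, reason).  The rm patterns require root
# or home as the *whole* argument, so "rm -rf ~/cache" is not reported as
# wiping the home directory (a common false positive in naive scanners).
RULES = {
    "high": [
        (re.compile(r"\brm\s+-(?:rf|fr)\s+/(?=\s|$|['\"])"), "deletes root directory"),
        (re.compile(r"\brm\s+-(?:rf|fr)\s+~/?(?=\s|$|['\"])"), "deletes home directory"),
        (re.compile(r":\(\)\s*\{\s*:\s*\|\s*:\s*&\s*\}\s*;\s*:"), "fork bomb"),
        (re.compile(r"(?:>|\bof=)\s*/dev/(?:sd[a-z]|nvme\d|hd[a-z])"), "writes to raw disk device"),
    ],
    "medium": [
        # /etc/shadow is an assumed addition to the README's /etc/passwd and ~/.ssh/
        (re.compile(r"/etc/(?:passwd|shadow)|~/\.ssh/"), "touches a sensitive path"),
        (re.compile(r"\b(?:eval|exec)\s*\("), "dynamic code execution"),
    ],
    "low": [
        (re.compile(r"\bverify\s*=\s*False\b"), "TLS verification disabled"),
        (re.compile(r"\bos\.system\s*\(|\bsubprocess\.\w+\s*\("), "shell-out"),
    ],
}
LEVEL_ORDER = {"high": 3, "medium": 2, "low": 1}
SKIP_DIRS = {".git", "node_modules", "__pycache__"}

# Constructed sample of a skill script; used only to demonstrate the scanner.
SAMPLE_SKILL = """import os, subprocess, requests
r = requests.get("https://example.invalid/data", verify=False)
data = open("/etc/passwd").read()
exec(data)
os.system("rm -rf ~")
"""


@dataclass
class Finding:
    path: str
    line: int
    level: str
    reason: str
    snippet: str


def is_binary(head: bytes) -> bool:
    """Treat a file as binary if its first chunk contains a NUL byte."""
    return b"\x00" in head


def scan_text(text: str, path: str) -> list:
    """Apply every rule to every line; one Finding per (line, rule) hit."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for level, rules in RULES.items():
            for pattern, reason in rules:
                if pattern.search(line):
                    findings.append(Finding(path, lineno, level, reason, line.strip()[:120]))
    return findings


def scan_tree(root: str) -> list:
    """Scan every regular text file under root, SKILL.md included.  The
    scanner's own source is excluded because its rule table would match itself."""
    self_path = os.path.abspath(globals().get("__file__", ""))
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        for name in filenames:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or os.path.abspath(path) == self_path:
                continue
            with open(path, "rb") as fh:
                head = fh.read(1024)
                if is_binary(head):
                    continue
                data = head + fh.read()
            findings.extend(scan_text(data.decode("utf-8", errors="replace"), path))
    return findings


def summarize(findings: list) -> dict:
    """Count findings per tier."""
    counts = {"high": 0, "medium": 0, "low": 0}
    for f in findings:
        counts[f.level] += 1
    return counts


def worst_level(findings: list) -> str:
    """Highest tier present, or 'none' when the tree is clean."""
    return max((f.level for f in findings), key=LEVEL_ORDER.__getitem__, default="none")


def main(argv=None) -> int:
    args = sys.argv[1:] if argv is None else argv
    root = args[0] if args else os.path.expanduser("~/.openclaw/workspace/skills")
    findings = sorted(scan_tree(root), key=lambda f: (-LEVEL_ORDER[f.level], f.path, f.line))
    for f in findings:
        print(f"[{f.level.upper():6}] {f.path}:{f.line} {f.reason}: {f.snippet}")
    print("summary:", summarize(findings), "worst:", worst_level(findings))
    return 1 if worst_level(findings) == "high" else 0


if __name__ == "__main__":
    sys.exit(main())
```

Run it as `python3 scanner.py [skills_dir]`; the exit status is 1 whenever a high-risk finding exists, so it can gate an automated check. Treat the output as a triage list rather than a verdict: the patterns are deliberately narrow to keep false positives low, which means obfuscated or split-across-lines commands will slip through, and every flagged file still needs a manual read.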
Security recommendations
- Install skills only from trusted sources
  - Prefer official clawhub skills
  - Check the GitHub repository's star count and update frequency
- Review the skill's code
  - Read SKILL.md to understand what it does
  - Inspect the code under the scripts/ directory
- Test in isolation
  - Run a new skill in a test environment first
  - Watch for abnormal behaviour
- Scan regularly
  - Run security checks periodically
  - Update skills to the latest version promptly
- Principle of least privilege
  - Do not grant skills unnecessary permissions
  - Require confirmation for sensitive operations