DepGuard
Verdict: Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: depguard
Version: 1.0.1
The OpenClaw DepGuard skill is classified as benign. It performs dependency auditing, vulnerability scanning, and license compliance checks as advertised. All operations, including scanning, reporting, fixing, and license validation, are designed to run locally without external data exfiltration or 'phone-home' behavior, which is explicitly stated and confirmed by the code. While the skill executes powerful commands (e.g., `npm audit fix`, `git hooks install`) that modify the user's project, these actions are central to its stated purpose and are clearly documented. The shell scripts (`scripts/*.sh`) consistently quote user-provided directory arguments, mitigating direct shell injection risks. There is no evidence of malicious intent, obfuscation, or attempts at unauthorized access or persistence beyond the documented git hooks.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using a malicious or malformed license key could potentially run unintended local commands when Pro or Team features validate the license.
A decoded license JWT payload, ultimately controlled by the configured license key, is interpolated directly into Python code executed with python3 -c. A crafted payload containing quotes or code syntax could change what the interpreter runs during license checks.
payload=$(decode_jwt_payload "$key") ... tier=$(extract_field "$payload" "tier") ... python3 -c "import json; print(json.loads('$json').get('$field', ''))"
Do not interpolate JSON or paths into interpreter source strings. Pass data via stdin, files, environment variables, or argv; properly escape values; and verify JWT signatures before trusting license claims.
A user may believe dependency names and versions never leave the machine, when the underlying audit tools may contact external registries or vulnerability databases.
The implementation invokes native audit tools such as npm audit, pip-audit, safety, govulncheck, composer audit, and similar commands. Those tools may query external vulnerability services with package metadata, so the blanket privacy statement is under-disclosed.
- All scanning happens locally using native audit tools
- No code or dependency data is sent externally
Clarify which audit tools may use network services, what dependency metadata they may send, and provide an explicit offline mode or user approval before networked audits.
Scans and fixes can reveal dependency metadata to provider tools, and auto-fix can change package versions or lockfiles.
Delegating to package-manager audit and fix tools is central to the skill's purpose, but these commands can affect project dependencies and may interact with external package ecosystems.
Runs native audit commands (npm audit, pip-audit, cargo audit, etc.) ... `depguard fix [directory]` Auto-fix vulnerabilities by upgrading to patched versions where available.
Run scans/fixes only in intended project directories, review package and lockfile diffs, and avoid auto-fix on critical branches without version control.
After installation, commits that modify lockfiles may be blocked until vulnerabilities are addressed or the hook is bypassed.
The hook configuration persists a pre-commit action that sources the skill scanner and runs on lockfile changes. This is disclosed and scoped to the repository, with an uninstall path.
pre-commit: ... source "$DEPGUARD_SKILL_DIR/scripts/scanner.sh" ... do_scan . ... fail_text: Dependency vulnerabilities detected!
Install hooks only in repositories where this behavior is desired, keep the skill directory protected from tampering, and use the documented uninstall command if continuous checks are no longer wanted.
The skill can access the configured DepGuard license key locally for feature gating.
The skill reads a DepGuard license key from either an environment variable or the OpenClaw config. This is declared and expected for paid features.
OPENCLAW_CONFIG="${HOME}/.openclaw/openclaw.json" ... DEPGUARD_LICENSE_KEY="${DEPGUARD_LICENSE_KEY:-}" ... cfg.get('skills', {}).get('entries', {}).get('depguard', {}).get('apiKey', '')
Store the license key only in the intended OpenClaw config or environment variable, and avoid sharing logs or terminal output that may expose configuration details.
