Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Security Audit
v1.0.0Comprehensive OpenClaw security audit — checks gateway binding, credential exposure, channel policies, tool sandboxing, network/IP leaks, and macOS system se...
⭐ 0· 220·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name and description match the checks described in SKILL.md and the declared binaries (bash, curl, python3) are reasonable for a local audit. However, the runtime instructions require git cloning and executing scripts from ~/openclaw-security-audit, yet 'git' is not listed in required binaries and the registry metadata does not declare the external repository download as part of install. That omission is an incoherence: installing/executing a remote audit suite typically requires git or another downloader and should be declared.
Instruction Scope
SKILL.md instructs the agent to clone a GitHub repo and run multiple bash scripts that will inspect gateway binding, credentials, channel policies, tool sandboxes, network/IP checks (including optional queries to Shodan/Censys), and macOS system state. The doc claims read-only by default and prompts before external queries/fixes, but because there are no bundled code files the actual behavior depends entirely on the external repo. The instructions implicitly allow executing arbitrary remote scripts which may read sensitive files (configs, shell history) — the scope is broader than the metadata declares and grants the agent discretion to run downloaded code.
Install Mechanism
Registry metadata lists a brew formula for python3 only. The SKILL.md uses git clone from GitHub to fetch the audit toolkit and then runs its scripts. Fetching and executing code from a remote repository is higher risk than a pure instruction-only skill; although GitHub is a known host (better than an arbitrary IP/shortener), the metadata does not document this download step or require 'git' as a binary, so the install/run mechanism is inconsistent and needs explicit declaration or code bundled with the skill.
Credentials
The skill declares no required credentials or env vars, which is appropriate for a local audit. However, the audit scripts referenced (credentials checks, permission fixes, gateway fixes) will likely read local configuration files and may prompt for or require access to tokens/configs during fixes. Because the actual scripts are external, the skill's lack of declared credential requirements is acceptable but incomplete — users should expect on-run prompts and local-file reads.
Persistence & Privilege
The skill is not always-enabled and does not request persistent privileges in metadata. It documents that fix scripts require explicit user confirmation before making changes. There is no evidence it modifies other skills or system-wide agent settings on its own.
What to consider before installing
This skill points your agent to clone and execute a GitHub-hosted audit toolkit, but the registry metadata does not declare 'git' or the remote-download step. Before installing or running: (1) manually inspect the repository (https://github.com/sunt23310-ops/openclaw-security-audit) yourself to confirm the scripts do what they claim; (2) prefer running the audit in an isolated environment (container, VM, or throwaway account) so arbitrary scripts can't access your main files; (3) verify any fix scripts before consenting and back up configs; (4) expect the audit to read local config files and histories — only proceed if you're comfortable with that level of access; (5) ask the maintainer why 'git' and the remote-clone step are not declared in the skill metadata and request the code be bundled or the install step explicitly listed. If you cannot review the repo, treat this skill as high-risk.Like a lobster shell, security has layers — review code before you run it.
latestvk975p1w97fbhkm6cxxk000szf182p94b
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🔒 Clawdis
OSmacOS · Linux
Binsbash, curl
Any binpython3, python
Install
Homebrew
Bins: python3
brew install python3