ClawHub

ClawGuard | Anti-Malware Scanner & Honeypot

v1.0.4

Intrusion Detection System & Dynamic Honeypot. Protects your workspace from malicious skills.

0· 603·9 current·9 all-time
by@tonyjb
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (local IDS + honeypot) matches the requested capabilities: local_read and local_write to place and inspect honeypot files, notify to alert the user, and shell access listed but gated by an approval policy. No unrelated credentials, binaries, or network endpoints are requested.
Instruction Scope
Runtime instructions are narrowly scoped to ~/.openclaw/ (create a honeypot file, scan ~/.openclaw/skills/ for suspicious patterns, and notify the user). This is coherent. Minor note: the skill asks to populate a file with 'dummy internal system tokens' — while intended as bait, that will place fabricated secrets under ~/.openclaw/ and could be detected/used by other tools; user should understand and consent to the creation of such decoy data.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is downloaded or written at install time by the skill itself. This is the lowest-risk install model.
Credentials
No environment variables, credentials, or external service tokens are requested. The permission set (local_read, local_write, shell, notify) is proportionate to a local honeypot/IDS; shell is present but explicitly constrained by a require_approval policy in the metadata.
Persistence & Privilege
always:false (normal). The skill includes a cron heartbeat metadata entry and requests local filesystem and shell permissions to operate periodically; this is expected for an IDS. The requirement that shell commands be subject to require_approval mitigates autonomous destructive actions. Confirm your platform enforces the require_approval policy as intended before granting shell approval.
Assessment
This skill is internally consistent with its stated purpose: it will run periodically, create and monitor files inside ~/.openclaw/, and alert you when it sees suspicious skill files. Before installing, be aware that: - It will create a honeypot file (~/.openclaw/workspace/routing_config_backup.json) containing fake tokens; review or remove that file if you don't want decoy secrets on disk. - It requests shell permission, but the skill metadata requires you to approve any shell actions explicitly — do not approve shell commands unless you understand the exact command and why it is needed. - There is no source repo or homepage provided (author identity is unknown) — lack of upstream code makes independent verification harder. If you rely on this for protection, consider manually reviewing the files it creates and testing that your platform enforces the require_approval policy. Overall: coherent and appropriately scoped, but exercise standard caution because the author/source are not verifiable and the honeypot behavior places decoy tokens on your filesystem.

Like a lobster shell, security has layers — review code before you run it.

anti-malwarevk972yhpqfrc60937rg196fmf1x81rnkphoneypotvk972yhpqfrc60937rg196fmf1x81rnkpipsvk972yhpqfrc60937rg196fmf1x81rnkplatestvk97eb72zm9s6m9mn4c9tg7fpj981sw79malware-scannervk972yhpqfrc60937rg196fmf1x81rnkp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments