Yoder Skill Auditor

Type: OpenClaw Skill Name: yoder-skill-auditor Version: 3.1.0 This skill bundle is a security scanner designed to detect malicious patterns in other OpenClaw skills. It contains a comprehensive set of checks for credential harvesting, data exfiltration, obfuscation, prompt injection, privilege escalation, and more. The presence of malicious code patterns in the `tests/` directory is intentional, serving as test fixtures to validate the scanner's detection capabilities, and these are explicitly documented as such in `TEST-FIXTURES-WARNING.md` and excluded from the published package via `.clawignore`. The `audit.sh` script includes a `PATTERN_DEF_FILTER` to prevent self-flagging of its own detection logic. There is no evidence that the scanner itself performs any malicious actions, exfiltrates data, or attempts prompt injection against the agent running it. All functionalities are aligned with its stated purpose as a security auditing tool.