Skill Install Guardian
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: skill-install-guardian Version: 1.3.0 The OpenClaw skill 'skill-install-guardian' is designed to perform security and due diligence checks on other skills before installation. Both its documentation (SKILL.md) and its Python script (scripts/check.py) consistently reflect this security-focused purpose. The script implements robust slug validation and uses safe, list-based `subprocess.run` calls to prevent shell injection when interacting with `npx clawhub`. It actively scans other skill files for dangerous patterns (like `eval()`, `exec()`, API keys, and obfuscation) and reports findings. There is no evidence of malicious intent, data exfiltration, unauthorized execution, or prompt injection attempts within this skill itself; rather, it aims to detect such issues in *other* skills.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill will execute local `npx clawhub` inspection commands and fetch information about the requested skill.
The script invokes a local CLI command to inspect ClawHub skills. This is expected for the scanner purpose, and the visible code validates the slug and uses list-form subprocess arguments.
stdout, stderr, code = run_command(["npx", "clawhub", "inspect", slug, "--json"])
Use it only for intended skill slugs, review the generated report, and keep the owner-confirmation step before any installation.
If `npx` resolves or updates the CLI from an external package source, the scanner depends on that package supply chain.
The skill relies on `npx` to run the ClawHub CLI, but the artifact does not pin a CLI package version or source. This is common and purpose-aligned, but it means the trust boundary includes the local or resolved `clawhub` CLI.
requires":{"bins":["npx"]} ... npx clawhub inspect <skill-slug> --securityPrefer a trusted, pinned, or preinstalled ClawHub CLI when using this as a security gate.