ClawHub
Skill flagged — review recommended

ClawHub Security found sensitive or high-impact capabilities. Review the scan results before using.

ztp

A mandatory security audit skill for validating new code, skills, and MCP servers against the SEP-2026 Zero Trust protocol.

Audits

Suspicious
ClawScanSuspicious

Agentic behavior and permission review.

Static analysisPending

Pattern checks against bundled files.

VirusTotalPass

Multi-engine malware detections and file reputation.

Install

openclaw skills install ztp

openclaw-security

Description

This skill enforces the SEP-2026 Security Protocol. It provides tools to audit source code for malicious patterns, obfuscation, and unauthorized network capability. It is the Gatekeeper; no external code (Skills, MCP Servers, Python scripts) should be integrated without passing this audit.

Usage

Use this skill whenever you need to:

  1. Audit a new Python file, Skill, or MCP Server before using or installing it.
  2. Verify the safety of a downloaded script.
  3. Check for supply chain attacks (typosquatting).

Commands

1. Deep Audit (Source Code)

Run the Shield Pro 2.0 static analyzer on a target directory or file.

python3 skills/openclawSecurity/scripts/shield_pro.py --target <path_to_scan> --format json

Output: A JSON report containing CRITICAL, HIGH, and MEDIUM findings. Action:

  • If CRITICAL or HIGH > 0: REJECT the code.
  • If MEDIUM > 0: HALT and ask User for manual review.

2. Supply Chain Check

Check requirements.txt or package.json for typosquatting and version pinning issues.

python3 skills/openclawSecurity/scripts/shield_pro.py --target <path_to_requirements> --mode supply-chain

3. Layer 2: External Defense Arsenal (Recommended)

If available in the environment, the Agent MUST run these SOTA tools to augment Shield Pro's findings:

ToolPurposeCommand
BanditPython Static Analysis (Common Vulnerabilities)bandit -r <target_dir> -f json
SafetyPython Dependency Check (Known CVEs)safety check -r requirements.txt --json
NPM AuditNode.js Dependency Checknpm audit --json (in package dir)
TrivyFilesystem/Container Scan (Secrets/Vulns)trivy fs <target_dir> --format json
GarakLLM/Prompt Injection Testinggarak --model_type <type> --model_name <name>

Note: If a tool is missing, log a warning in the final report but proceed with shield_pro findings.

Workflow: The SEP-2026 Gatekeeper Process

  1. Acquire: Download or locate the target code.
  2. Isolate: ensure the code is not executed.
  3. Scan: Run shield_pro.py on the target.
  4. Evaluate:
    • Pass: No Critical/High issues.
    • Fail: Any Critical/High issue found. Reporting potential Line of Code (LOC) and threat type.
  5. Report: Present the findings to the user.

Principles

  • Zero Trust: treat all input as malicious.
  • No Execution: Never run the target code during the audit.
  • Paranoia: False positives are better than missed malware.