skill-scanner

Pass

Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, scan for credential exfiltration, detect prompt injection, or review skill security. Triggers on security audit, skill safety check, malware scan, or trust verification.

@openclawMIT2/22/2026

68out of 100

(0)

1.0kstars

55downloads

72views

Install Skill

Skills are third-party code from public GitHub repositories. SkillHub scans for known malicious patterns but cannot guarantee safety. Review the source code before installing.

Install with CLI

Install globally (user-level):

npx skillhub install openclaw/skills/skill-scanner

Install in current project:

npx skillhub install openclaw/skills/skill-scanner --project

Suggested path: ~/.claude/skills/skill-scanner/

AI Review

Instruction Quality65

Description Precision70

Usefulness67

Technical Soundness70

Scored 68 — substantial security scanning automation with 69KB of Python code covering 15+ threat categories. Good description with 6 trigger phrases. Deducted for niche generality (only useful for skill scanning) and lack of user-facing error handling documentation.

SKILL.md Content

---
name: skill-scanner
description: Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, scan for credential exfiltration, detect prompt injection, or review skill security. Triggers on security audit, skill safety check, malware scan, or trust verification.
---

# Skill Security Scanner

Scan skills for malicious patterns before installation. Detects credential exfiltration, suspicious network calls, obfuscated code, prompt injection, and other red flags.

## Quick Start

```bash
# Scan a local skill folder
python3 scripts/scan.py /path/to/skill

# Verbose output (show matched lines)
python3 scripts/scan.py /path/to/skill --verbose

# JSON output (for automation)
python3 scripts/scan.py /path/to/skill --json
```

## Workflow: Scan Before Install

1. Download or locate the skill folder
2. Run `python3 scripts/scan.py <skill-path> --verbose`
3. Review findings by severity (CRITICAL/HIGH = do not install)
4. Report results to user with recommendation

## Score Interpretation

| Score | Meaning | Recommendation |
|-------|---------|----------------|
| CLEAN | No issues found | Safe to install |
| INFO | Minor notes only | Safe to install |
| REVIEW | Medium-severity findings | Review manually before installing |
| SUSPICIOUS | High-severity findings | Do NOT install without thorough manual review |
| DANGEROUS | Critical findings detected | Do NOT install — likely malicious |

## Exit Codes

- `0` = CLEAN/INFO
- `1` = REVIEW
- `2` = SUSPICIOUS
- `3` = DANGEROUS

## Rules Reference

See `references/rules.md` for full list of detection rules, severity levels, and whitelisted domains.

## Limitations

- Pattern-based detection — cannot catch all obfuscation techniques
- No runtime analysis — only static scanning
- False positives possible for legitimate tools that access network/files
- Always combine with manual review for HIGH/MEDIUM findings