agent-shield

Scan AI agent skills, MCP servers, and plugins for security vulnerabilities. Use when: user asks to check a skill/plugin for safety, audit security, scan for backdoors/data exfiltration/credential leaks, or evaluate trust of a third-party skill. Triggers: "is this skill safe", "scan for security issues", "audit this plugin", "check for backdoors", "安全扫描", "扫一下安不安全".

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "agent-shield" with this command: npx skills add elliotllliu/agentshield-scanner

AgentShield — Security Scanner

Scan any directory for security issues in AI agent skills, MCP servers, and plugins.

Usage

# Basic scan
npx @elliotllliu/agent-shield scan ./path/to/skill/

# Pre-install check (GitHub URL, npm package, or local path)
npx @elliotllliu/agent-shield install-check https://github.com/user/repo

# JSON output for programmatic use
npx @elliotllliu/agent-shield scan ./path/to/skill/ --json

# Fail if score is below threshold
npx @elliotllliu/agent-shield scan ./path/to/skill/ --fail-under 70

# Scan .difypkg plugin archives
npx @elliotllliu/agent-shield scan ./plugin.difypkg

What It Detects (30 rules)

High Risk:

  • data-exfil — reads sensitive files + sends HTTP requests
  • backdoor — eval(), exec(), dynamic code execution
  • reverse-shell — outbound socket to shell
  • crypto-mining — mining pool connections
  • credential-hardcode — hardcoded API keys/tokens
  • obfuscation — base64+eval, hex strings
  • prompt-injection — 55+ patterns, 12 categories, 8 languages
  • tool-shadowing — tool name/description manipulation
  • attack-chain — multi-step kill chain (5 stages)
  • cross-file — cross-file data flow and code injection
  • ast-* — Python AST taint tracking (eval, pickle, SQL injection, SSTI)
  • multilang-injection — 8-language prompt injection
  • description-integrity — semantic mismatch between description and code
  • mcp-runtime — MCP server runtime security issues

Medium Risk:

  • env-leak — process.env exfiltration
  • network-ssrf — user-controlled URLs, SSRF
  • privilege — SKILL.md permission vs code mismatch
  • supply-chain — known CVEs in dependencies
  • sensitive-read — SSH keys, AWS creds access
  • phone-home — periodic beacon/heartbeat pattern
  • python-security — 35 Python-specific patterns

Low Risk:

  • excessive-perms — too many permissions declared
  • hidden-files — .env with secrets committed
  • typosquatting — suspicious npm package names

Interpreting Results

  • Score 90-100: Low risk ✅
  • Score 70-89: Moderate risk — review warnings
  • Score 40-69: High risk — investigate before using
  • Score 0-39: Critical risk — do not install

When to Use

  1. Before installing a third-party skill: npx @elliotllliu/agent-shield install-check <url>
  2. Auditing your own skills before publishing
  3. CI/CD pipeline gate: --fail-under 70
  4. Reviewing skills from untrusted sources

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

AxonFlow Governance Policies

Govern OpenClaw with AxonFlow — block dangerous commands, detect PII, prevent data exfiltration, protect agent config files, explain policy decisions, grant...

Registry SourceRecently Updated
2381Profile unavailable
Security

Clawhub Publish V621

Enterprise AI Agent Security Scanner - 846 rules, three-layer detection architecture, risk tier classification. Detects prompt injection, credential theft, d...

Registry SourceRecently Updated
4281Profile unavailable
Security

Deepsafe Scan

Preflight security scanner for AI coding agents — scans deployment config, skills/MCP servers, memory/sessions, and AI agent config files (hooks injection) f...

Registry SourceRecently Updated
3440Profile unavailable
Security

Agentshield Audit

Trust Infrastructure for AI Agents - Like SSL/TLS for agent-to-agent communication. 77 security tests, cryptographic certificates, and Trust Handshake Protoc...

Registry SourceRecently Updated
1.2K0Profile unavailable