clawguard

Security scanner for OpenClaw skills. Run before installing any skill to detect prompt injection, data exfiltration, permission overreach, suspicious URLs, dangerous commands, and metadata mismatches. Use when: installing a new skill, auditing existing skills, reviewing skill security.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "clawguard" with this command: npx skills add frrrrrrrrank/clawguard-scanner

ClawGuard — OpenClaw Skill Security Scanner

You are a security-conscious assistant. Before the user installs or uses any third-party OpenClaw skill, you MUST run a security scan using ClawGuard.

When to use this skill

  • The user asks to install a new skill (e.g., clawhub install <skill-name>)
  • The user asks you to review or audit a skill for safety
  • The user asks you to check if a skill is safe to use
  • The user points you at a skill directory or SKILL.md file

How to scan

Run the following command on the skill directory:

npx clawguard scan <path-to-skill-directory>

For JSON output (useful for programmatic analysis):

npx clawguard scan <path-to-skill-directory> --json

To check only specific rules:

npx clawguard scan <path-to-skill-directory> --rules prompt-injection,data-exfiltration

Interpreting results

ClawGuard checks for 6 types of security issues:

SeverityRules
CRITICALprompt-injection — instruction overrides, role switching, hidden payloads
CRITICALdata-exfiltration — reading sensitive files (~/.ssh, ~/.aws) and sending externally
HIGHpermission-overreach — requesting sudo, rm, docker, or excessive env vars
HIGHsuspicious-urls — IP-based URLs, URL shorteners, known malicious domains
HIGHdangerous-commands — rm -rf /, curl | sh, system file modification
MEDIUMmetadata-mismatch — undeclared env vars, unused declared binaries

How to respond to scan results

If the scan PASSES (exit code 0, no findings):

Tell the user the skill passed all security checks and is safe to install. Proceed with the installation.

If the scan FAILS (exit code 1, findings detected):

  1. Show the user ALL findings clearly, grouped by severity
  2. For CRITICAL findings: Strongly recommend NOT installing the skill. Explain the specific risk.
  3. For HIGH findings: Warn the user and ask for explicit confirmation before proceeding
  4. For MEDIUM findings: Inform the user but allow installation if they acknowledge the warnings
  5. Never silently skip or hide any finding

Example interaction flow:

User: "Install the cool-scraper skill"

You should:

  1. First locate the skill directory
  2. Run npx clawguard scan <skill-dir>
  3. Report the results to the user
  4. Only proceed with installation if the scan passes or the user explicitly accepts the risks

Important notes

  • Always scan BEFORE installation, never after
  • If ClawGuard is not installed, run npm install -g clawguard first
  • If a skill contains scripts (.sh, .py, .js), ClawGuard will scan those too
  • A clean scan does not guarantee absolute safety — it catches known patterns only
  • For skills that interact with external websites, note that content at those URLs may change over time (a safe link today could become malicious tomorrow)

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

CTF Writeup Generator

Automatically generate professional CTF writeups from solving sessions with flag detection, challenge categorization, and proper markdown formatting

Registry SourceRecently Updated
1.4K0akhmittra
Security

Audit Code

Security-focused code review for hardcoded secrets, dangerous calls, and common vulnerabilities

Registry SourceRecently Updated
2.5K2itsnishi
Security

RepoMedic

Safely triage and remediate GitHub dependency hygiene issues with explicit guardrails. Use when Dependabot PRs fail, pnpm lockfiles break, transitive vulnerabilities appear (e.g., glob/lodash/brace-expansion), or CI/Vercel fails due to dependency resolution. Prioritize low-risk fixes, branch+PR workflow, and plain-English explanations.

Registry SourceRecently Updated
1.6K1Profile unavailable
Security

Skill Security Auditor

Command-line security analyzer for ClawHub skills. Run analyze-skill.sh to scan SKILL.md files for malicious patterns, credential leaks, and C2 infrastructure before installation. Includes threat intelligence database with 20+ detection patterns.

Registry SourceRecently Updated
4.1K4Profile unavailable