clawguard

Security scanner for ClawHub skills. Analyze before you install.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "clawguard" with this command: npx skills add chloepark85/skill-guard-pro

ClawGuard 🛡️

Scan ClawHub skills for security risks before installing.

ClawGuard performs static code analysis on ClawHub skills to detect:

  • 🌐 Network exfiltration (HTTP POST to external URLs)
  • 🔑 Credential access (API keys, tokens, passwords)
  • ⚡ Shell command execution
  • 💥 File destruction (rm -rf, unlink)
  • 🎭 Code obfuscation (eval, base64 decode)
  • 👻 Hidden files and directories

Usage

Scan by skill name

Download and scan a skill from ClawHub:

uv run {baseDir}/scripts/scan.py --skill <skill-name>

Scan local directory

Scan a skill directory on your local filesystem:

uv run {baseDir}/scripts/scan.py --path /path/to/skill

JSON output

Get results in JSON format:

uv run {baseDir}/scripts/scan.py --skill <skill-name> --json

Examples

Scan the GitHub skill:

uv run {baseDir}/scripts/scan.py --skill github

Scan a local skill:

uv run {baseDir}/scripts/scan.py --path ~/.openclaw/skills/my-skill

Risk Levels

  • 🟢 SAFE (0-30): No significant risks detected
  • 🟡 CAUTION (31-60): Review flagged items before installing
  • 🔴 DANGEROUS (61-100): High-risk patterns detected — DO NOT INSTALL

Exit Codes

  • 0: Safe
  • 1: Caution
  • 2: Dangerous

Requirements

  • Python 3.11+
  • uv (Python package manager)
  • clawhub CLI (optional, for downloading skills)

How It Works

  1. Pattern Matching: Regex-based detection of dangerous code patterns
  2. AST Analysis: Python AST parsing for eval/exec detection
  3. URL Extraction: Identifies all network endpoints
  4. Risk Scoring: Weighted severity scoring (0-100)

What It Detects

CategoryWeightExamples
Network exfiltration25POST to unknown URL with data
Credential access20Reading API keys, tokens
Shell execution15exec(), subprocess, system()
File destruction15rm -rf, unlink, rmdir
Obfuscation15eval(), atob(), Buffer.from
Hidden files10Dotfiles, hidden directories

Limitations

  • Static analysis only: Cannot detect runtime behavior
  • Regex-based: May have false positives/negatives
  • JS/TS: Basic pattern matching (no full AST parsing)
  • Encrypted/minified code: Cannot analyze obfuscated payloads

Best Practices

  1. Always scan before installing untrusted skills
  2. Review CAUTION-level findings manually
  3. Check network endpoints for unknown domains
  4. Never install DANGEROUS skills without verification
  5. Report suspicious skills to ClawHub moderators

License

MIT

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Code Review Inspector

Automated code review checking for bugs, security issues, best practices, performance problems, and code style

Registry SourceRecently Updated
330michaelatamuk
Security

agent-bom runtime

AI runtime security monitoring — context graph analysis, runtime audit log correlation with CVE findings, and vulnerability analytics queries. Use when the u...

Registry SourceRecently Updated
7870msaad00
Security

agent-bom scan

Open security scanner for agentic infrastructure — agents, MCP, packages, blast radius, runtime, and trust for package CVEs (OSV, NVD, EPSS, KEV), container...

Registry SourceRecently Updated
7740msaad00
Security

agent-bom vulnerability intel

Use agent-bom to check package, SBOM, inventory, and agent dependency exposure against OSV, GitHub Security Advisories, NVD, EPSS, and CISA KEV with explicit...

Registry SourceRecently Updated
300msaad00