skill_guard

Skill Security Scanner - Scan for risks before download/use. Use when: installing unknown skills, evaluating third-party code, or security auditing. / Skill安全检查 - 下载/使用前检测风险。

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "skill_guard" with this command: npx skills add WaaiOn/skill-guard-waai

🛡️ Skill Guard / 安全检查

Security scanner for AI Skills. Check code safety before install or use.

When to Use / 使用场景

EN	CN
Installing unknown skills	安装未知来源的skill
Evaluating third-party code	评估第三方代码
Security auditing	安全审计
Before running untrusted code	运行不受信任的代码前

Risk Categories / 风险类型

Category	EN	CN
Code Execution	代码执行	🔴 Critical
File Deletion	文件删除	🔴 Critical
Command Injection	命令注入	🔴 Critical
Credential Leak	凭证泄露	🟠 High
Network Request	网络请求	🟠 High
Data Theft	窃取数据	🔴 Critical
Induce Transfer	诱导转钱	🔴 Critical
Virus/Backdoor	病毒/后门	🔴 Critical

Usage / 使用

# Scan local skill / 扫描本地skill
python3 -c "from skill_guard import scan; print(scan('/path/to/skill'))"

# Inspect remote / 检查远程
python3 -c "from skill_guard import inspect_remote; print(inspect_remote('skill-name'))"

Risk Patterns / 风险模式

RISK_PATTERNS = {
    'code_execution': ['exec(', 'eval(', 'compile(', '__import__'],
    'file_deletion': ['rm -rf', 'shutil.rmtree', 'os.remove'],
    'command_injection': ['subprocess', 'os.system', 'shell=True'],
    'credential_leak': ['password', 'api_key', 'token', 'secret'],
    'data_theft': ['/etc/passwd', '~/.ssh', 'clipboard'],
    'induce_transfer': ['alipay', 'bank_card', 'payment'],
    'virus_backdoor': ['ransomware', 'miner', 'backdoor'],
}

Installation / 安装

npx clawhub install skill-guard-waai

Author / 作者

WaaiOn

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry Record Open in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Aws Security

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. my arsenal of aws security tools, shell, auditing, aws-infrastructure,...

Registry SourceRecently Updated

950bytesagain

Security

Nginx Config

Nginx配置生成。服务器配置、反向代理、SSL、缓存、安全加固、性能优化。Nginx config generator with reverse proxy, SSL, caching, security, optimization. Nginx、服务器、运维。

Registry SourceRecently Updated

1770Profile unavailable

Security

Watadot Aws Iam

IAM security patterns by Watadot Studio. Manage users, roles, and policy verification.

Registry SourceRecently Updated

80Profile unavailable

Security

Adversarial Robustness Toolbox

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poiso adversarial robustness toolbox, python, adversarial-atta...

Registry SourceRecently Updated

1150Profile unavailable