skill-security

Security audit tool for OpenClaw skills. Scans for credential harvesting, code injection, network exfiltration, obfuscation. ALWAYS run before installing any new skill from external sources. Triggers on: new skill installation, skill audit, security scan, skill review, before loading external skill.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Install skill "skill-security" with this command: npx skills add suryast/skill-security

Skill Security Scanner

Security audit tool for OpenClaw skills. Run before installing any new skill.

Quick Audit

# Audit a skill directory
~/workspace/skills/skill-security/audit.sh /path/to/skill

# Audit all installed skills
~/workspace/skills/skill-security/audit-all.sh

What It Checks

| Check | Risk Level | Pattern |
| --- | --- | --- |
| Network Exfiltration | 🚨 HIGH | requests., urllib, http.client, socket., fetch(, axios |
| Credential Harvesting | 🚨 HIGH | .ssh/, .aws/, pass, keyring, credential, secret, token file reads |
| Code Injection | 🚨 CRITICAL | exec(, eval(, compile(, Function(, __import__ |
| Obfuscation | ⚠️ MEDIUM | base64.decode, atob, encoded payloads |
| Env Dumping | ⚠️ MEDIUM | os.environ, process.env, getenv bulk access |
| Subprocess Abuse | ⚠️ MEDIUM | subprocess.run, os.system, child_process with credentials |

Severity Levels

  • CRITICAL (🚨): Block installation, report to owner
  • HIGH (🔴): Requires manual review before use
  • MEDIUM (🟡): Note but allow if from trusted source
  • LOW (🟢): Informational only

Safe Skill Checklist

Before using any skill:

  1. ✅ Is it from a trusted source? (official OpenClaw, known publisher)
  2. ✅ Is the code readable (not obfuscated)?
  3. ✅ Does it document why it needs network/credential access?
  4. ✅ Does it scope file access to its own directory?
  5. ✅ Has it been audited by the community?

Integration with AGENTS.md

Add this to your workflow:

## Skill Installation Protocol

Before loading any new skill:
1. Run `~/workspace/skills/skill-security/audit.sh <skill-path>`
2. If CRITICAL/HIGH findings → STOP, alert the user
3. If MEDIUM findings → Review manually, proceed if justified
4. If CLEAN → Safe to use
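The following is an added example, not the project's own audit.sh: a minimal Python auditor that matches source lines against the indicator patterns from the "What It Checks" table, ranks the worst hit, and maps it to the decision steps of the Skill Installation Protocol above. The regexes, the file-suffix filter and the SAMPLE skill are this example's own constructions.

```python
"""Minimal skill auditor (added example; the regexes approximate the table's patterns)."""
import re
from pathlib import Path

# Index doubles as severity rank, so max() picks the worst finding.
SEVERITY = ["CLEAN", "LOW", "MEDIUM", "HIGH", "CRITICAL"]

# (check, severity, regex). Names and severities follow the table;
# the regexes are this example's own approximation of its patterns.
CHECKS = [
    ("Code Injection", "CRITICAL", r"\b(exec|eval|compile|Function)\s*\(|__import__"),
    ("Network Exfiltration", "HIGH", r"\b(requests|urllib|http\.client|socket)\.|\bfetch\s*\(|\baxios\b"),
    ("Credential Harvesting", "HIGH", r"\.ssh/|\.aws/|\bkeyring\b|\bcredential|\bsecret\b|\btoken\b"),
    ("Obfuscation", "MEDIUM", r"base64\.(b64)?decode|\batob\s*\("),
    ("Env Dumping", "MEDIUM", r"os\.environ|process\.env|\bgetenv\b"),
    ("Subprocess Abuse", "MEDIUM", r"subprocess\.run|os\.system|child_process"),
]
SCAN_SUFFIXES = {".py", ".js", ".ts", ".sh"}  # assumed set of scannable files

def audit_text(text, source="<memory>"):
    """Return [(check, severity, source, lineno, line)] for one file's contents."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for check, severity, pattern in CHECKS:
            if re.search(pattern, line):
                findings.append((check, severity, source, lineno, line.strip()))
    return findings

def audit_dir(skill_dir):
    """Audit every scannable file under a skill directory, recursively."""
    findings = []
    for path in sorted(Path(skill_dir).rglob("*")):
        if path.is_file() and path.suffix in SCAN_SUFFIXES:
            findings.extend(audit_text(path.read_text(errors="replace"), str(path)))
    return findings

def verdict(findings):
    """Apply the protocol: CRITICAL/HIGH stop, MEDIUM needs review, otherwise clean."""
    level = SEVERITY[max((SEVERITY.index(f[1]) for f in findings), default=0)]
    if level in ("CRITICAL", "HIGH"):
        return level, "STOP, alert the user"
    if level == "MEDIUM":
        return level, "Review manually, proceed if justified"
    return "CLEAN", "Safe to use"

# Constructed sample: a skill that reads AWS credentials and executes a decoded payload.
SAMPLE = """import base64, os
creds = open(os.path.expanduser("~/.aws/credentials")).read()
exec(base64.b64decode(PAYLOAD))
"""
```

Running `verdict(audit_text(SAMPLE, "sample.py"))` on the constructed sample yields CRITICAL with one credential finding on line 2 and injection plus obfuscation findings on line 3.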

Automatic Protection

The scanner creates a blocklist at ./blocklist.txt. Skills with CRITICAL findings are automatically added.

Manual Override

If a skill is flagged but you've verified it's safe:

echo "skill-name:verified:YYYY-MM-DD:reason" >> allowlist.txt

Premium Skills

Like this? Check out our premium skills at skillpacks.dev:

  • 🛡️ Security Suite — Full PII scanning, secrets detection, prompt injection defense — $9.90
  • 🧠 Structured Memory — Three-tier memory replacing flat MEMORY.md — $9.90
  • 📋 Planning & Execution — Systematic task plans with batch execution — $9.90
  • 💎 Bundle — all 3 for $24.90

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
