Skills Firewall
A security firewall that automatically blocks and filters malicious or potentially harmful skills by analyzing code patterns, detecting security threats, and enforcing security policies.
Quick Start
Scan a Single Skill
python scripts/scan_skill.py /path/to/skill
Check Firewall Decision
python scripts/firewall_check.py /path/to/skill
Generate Security Report
python scripts/generate_report.py /path/to/skills --format text
Core Workflows
1. Security Scanning
Scan skills for potential security threats:
# Scan single skill
python scripts/scan_skill.py ./my-skill
# Scan all skills in directory
python scripts/scan_skill.py ./skills
# JSON output for automation
python scripts/scan_skill.py ./my-skill --json
Threat Levels:
SAFE- No security concernsLOW- Minor concerns, generally safeMEDIUM- Moderate concerns, review recommendedHIGH- Significant risks, blocking recommendedCRITICAL- Severe threats, must block
2. Firewall Filtering
Check and filter skills based on security rules:
# Check single skill
python scripts/firewall_check.py ./my-skill
# Filter all skills
python scripts/firewall_check.py ./skills
# Add to allowed list
python scripts/firewall_check.py ./my-skill --allow
# Add to blocked list
python scripts/firewall_check.py ./my-skill --block
Actions:
allow- Skill passes firewallwarn- Skill has warnings but allowedblock- Skill is blockedquarantine- Skill isolated for review
3. Security Reports
Generate comprehensive security reports:
# Text report
python scripts/generate_report.py ./skills
# JSON report
python scripts/generate_report.py ./skills --format json
# HTML report
python scripts/generate_report.py ./skills --format html --output report.html
Detection Categories
The firewall detects threats in these categories:
| Category | Examples | Severity |
|---|---|---|
| Code Injection | eval(), exec(), import() | HIGH |
| Command Execution | subprocess shell=True, os.system() | HIGH |
| Credential Exposure | Hardcoded passwords, API keys | CRITICAL |
| Network Communication | HTTP requests, socket connections | MEDIUM |
| File Operations | File deletion, modification | MEDIUM |
| Deserialization | pickle.loads, unsafe yaml.load | HIGH |
| Privilege Escalation | sudo, chmod 777 | HIGH |
| Obfuscation | Base64 decoding, encoding | LOW |
Configuration
Export/Import Config
# Export current config
python scripts/firewall_check.py ./skills --export-config firewall.yaml
# Use custom config
python scripts/firewall_check.py ./skills --config firewall.yaml
Config File Format
default_action: warn
allowed_skills:
- skill-creator
- weather
blocked_skills:
- malicious-skill
quarantine_dir: ./quarantine
rules:
- name: block_eval
description: Block eval() usage
patterns:
- "eval("
action: block
enabled: true
Reference Documentation
- Malicious Patterns: See malicious_patterns.md for detailed pattern catalog
- Security Rules: See security_rules.md for rule definitions and configuration
Programmatic Usage
from scan_skill import scan_skill, ThreatLevel
from firewall_check import SkillsFirewall, ActionType
# Scan a skill
result = scan_skill("/path/to/skill")
print(f"Threat Level: {result.threat_level}")
print(f"Is Safe: {result.is_safe}")
# Use firewall
firewall = SkillsFirewall()
decision = firewall.check_skill("/path/to/skill")
print(f"Action: {decision.action}")
print(f"Reason: {decision.reason}")
# Manage lists
firewall.add_allowed_skill("trusted-skill")
firewall.add_blocked_skill("malicious-skill")
# Create custom rule
firewall.create_rule(
name="block_custom_pattern",
description="Block custom dangerous pattern",
patterns=["dangerous_function("],
action=ActionType.BLOCK
)
Best Practices
- Scan Before Use: Always scan new skills before installation
- Review Warnings: Investigate warning-level findings
- Update Rules: Keep detection patterns current
- Document Exceptions: Record why skills are allowed/blocked
- Regular Audits: Run periodic security scans
- Use Reports: Generate reports for compliance and review