← Back to Skills Marketplace
1766
Downloads
3
Stars
3
Active Installs
3
Versions
Install in OpenClaw
/install skill-auditor-pro
Description
审查 ClawHub skills 的安全性,检测恶意代码、可疑模式和社工攻击。在安装任何第三方 skill 前使用此工具进行安全检查。
Usage Guidance
This skill appears to implement a reasonable audit workflow, but review these points before installing or running it: 1) Ensure the host has 'clawhub' (and optionally the 'gemini' CLI) if you plan to use fetch or LLM analysis — the skill does not declare these requirements. 2) Be cautious with the L3 step: the script copies 'suspicious' code to /tmp and instructs an agent/LLM to analyze it — that can leak secrets or sensitive code to whatever model/service you invoke. Prefer running the audit locally and reviewing findings yourself rather than sending raw suspicious files to remote LLMs or public APIs. 3) Confirm the external reporting address ([email protected]) and any IoC lists are from a trusted source before using them. 4) If you need to proceed: run the script in an isolated environment, inspect its output and the /tmp artifact contents manually, and only use LLM analysis on redacted content that removes any credentials or secrets. If you want a safer verdict, provide: where this skill was published (homepage/source repo), whether 'clawhub' and 'gemini' are available in your environment, and whether you intend to allow the agent to send suspicious code to external LLM services.
Capability Analysis
Type: OpenClaw Skill
Name: skill-auditor-pro
Version: 2.1.1
This skill is a security scanner designed to audit other OpenClaw skills. Its code and documentation are entirely consistent with this stated purpose. It implements pattern matching, deobfuscation, and LLM-based intent analysis to detect malicious patterns (e.g., `base64|bash`, `curl|bash`, `eval`, access to sensitive directories like `~/.ssh` or `~/.openclaw`, credential keywords, known C2 IPs/domains). The script creates a temporary file containing identified suspicious code and instructs the OpenClaw agent to `cat` this file for LLM analysis, which is a functional interaction aligned with its 'L3: LLM Intent Analysis' feature, not a malicious prompt injection attempt.
Capability Assessment
Purpose & Capability
The skill's stated purpose (audit ClawHub skills) matches the provided script, but the SKILL.md/script rely on external CLIs (clawhub inspect to fetch skills and an optional 'gemini' CLI for LLM analysis) even though the registry metadata declares no required binaries. Not declaring clawhub (and optionally gemini) is an incoherence — the tool will fail or behave unexpectedly without them.
Instruction Scope
Instructions and the script perform expected auditing actions (pattern scans, deobfuscation), but the L3 flow copies suspicious code to /tmp and explicitly asks the OpenClaw agent/LLM to 'analyze' that file. That step can expose secrets or sensitive code to whichever model/service runs the analysis. The script also searches for sensitive paths ($HOME/.ssh, ~/.aws, ~/.openclaw), which is reasonable for an auditor, but combining detection with automated copying and prompting to an LLM raises data-exfiltration/privacy risk.
Install Mechanism
No install spec (instruction-only with an included script) — low installation risk. The script itself is bundled and will run locally; there are no remote downloads or extract steps in the skill package. This is proportionate to the stated purpose.
Credentials
The skill declares no required env vars or credentials, which is appropriate. However, the scanner looks for references to API keys, tokens, and config dirs in scanned code and will surface them; combined with the L3 step that saves suspicious content to /tmp for agent analysis, that could reveal secrets to an LLM or external service. Also the SKILL.md mentions 'gemini' CLI but does not request it as a required credential/tool.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or global config. It writes temporary files to the system (/tmp, mktemp) which is expected for a scanner; no persistent installation or elevated privileges are requested.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skill-auditor-pro - After installation, invoke the skill by name or use
/skill-auditor-pro - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.1.1
Fix: updated ClawHub listing description to English.
v2.1.0
Translated all documentation to English for international users. No functional changes.
v2.0.0
Security scanner for ClawHub skills. L1 pattern matching, L2 base64/hex deobfuscation, L3 LLM intent analysis. Detects C2 servers, social engineering, credential theft.
Metadata
Frequently Asked Questions
What is Skill Auditor Pro?
审查 ClawHub skills 的安全性,检测恶意代码、可疑模式和社工攻击。在安装任何第三方 skill 前使用此工具进行安全检查。 It is an AI Agent Skill for Claude Code / OpenClaw, with 1766 downloads so far.
How do I install Skill Auditor Pro?
Run "/install skill-auditor-pro" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skill Auditor Pro free?
Yes, Skill Auditor Pro is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Skill Auditor Pro support?
Skill Auditor Pro is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Skill Auditor Pro?
It is built and maintained by sypsyp97 (@sypsyp97); the current version is v2.1.1.
More Skills