Openclaw Skill Scanner
by Jason O'Neal · GitHub · v1.0.2
1013 downloads · 2 stars · 1 active install · 5 versions
Install in OpenClaw: /install skill-scanner-guard
Description
Security gate for OpenClaw AgentSkills. Scans folder/ClawHub skills with cisco-ai-defense/skill-scanner before installation. Supports manual scans, staged in...
Usage Guidance
This skill does what it says: it runs a scanner and can auto‑quarantine skills with High/Critical findings. Before enabling it, consider:
1) It executes third‑party code (the scanner from the GitHub repo and npm packages via npx/uv), so you must trust those upstream projects.
2) It will move (quarantine) user skill directories when High/Critical findings occur; back up your ~/.openclaw/skills if you want a safety copy.
3) It expects 'uv' and 'npx' (and optionally systemd --user) to be available; install and test those first.
4) Review the scanner's code/behavior (cisco-ai-defense/skill-scanner and any npm packages used) if you need a higher assurance level.
If you are uncomfortable with automated moves, run the scripts manually in a staging environment first.
Capability Analysis
Type: OpenClaw Skill
Name: skill-scanner-guard
Version: 1.0.2
This skill bundle is designed to enhance OpenClaw's security by acting as a 'skill scanner guard'. It orchestrates the use of an external `cisco-ai-defense/skill-scanner` tool to scan other OpenClaw skills for security issues, blocking or quarantining those with high-severity findings. All scripts (`auto_scan_user_skills.sh`, `clawhub_scan_install.sh`, `scan_and_add_skill.sh`, `scan_openclaw_skills.sh`) are transparently implemented, align with the stated defensive purpose, and include input sanitization for skill names and slugs. The `SKILL.md` instructions are clear and do not contain any prompt injection attempts. There is no evidence of intentional malicious behavior such as data exfiltration, unauthorized execution, or persistence mechanisms beyond its stated security function.
Capability Assessment
Purpose & Capability
The name/description match the actual behavior: scripts clone/run a skill-scanner, scan user/builtin skills, and quarantine High/Critical findings. The declared runtime tooling in SKILL.md (uv, npx, git, systemctl) aligns with what the scripts call. One minor inconsistency: the registry metadata lists no required env vars, while SKILL.md references OPENCLAW_STATE_DIR and OPENCLAW_WORKSPACE_DIR (the scripts use these with sane defaults).
Instruction Scope
The scripts stay within the stated scope (scan directories, write reports, move failing skill dirs into a quarantine path). They do not read or transmit secrets or access unrelated system config. Important: they run third‑party tooling (uv run skill-scanner, npx clawhub) which executes code from the scanner repo / npm packages — this is expected for a scanner but increases the trust surface. The quarantine logic is careful to only move directories under the user's skills dir.
Install Mechanism
No formal install spec (instruction-only) — scripts instruct cloning the scanner repo from GitHub and using 'uv' and 'npx'. That means remote code (GitHub repo and npm packages) will be fetched and executed by the user. The scripts themselves do not download arbitrary binaries or use obscure URLs; they rely on widely used hosts (github.com, npm via npx).
Credentials
The skill does not request credentials or secrets and only needs workspace/state paths (OPENCLAW_STATE_DIR, OPENCLAW_WORKSPACE_DIR). Those are proportional to its purpose. The registry metadata not listing them is a minor metadata omission but not a dangerous behavior. No unrelated environment variables or config paths are accessed.
Persistence & Privilege
The skill declares always:false and uses the normal autonomous invocation settings. It does not attempt to modify other skills' configuration or system-wide settings beyond recommending/using systemd --user units; the systemd unit templates are optional and run as the user. The quarantine move is limited to ~/.openclaw/skills/* and is performed only on High/Critical findings.
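The two guard rails the assessment above credits the scripts with (sanitizing skill slugs, and only ever moving directories that sit inside the user's skills dir) are what keep an automated quarantine from becoming an arbitrary file mover. The POSIX sh below is an added illustration of those checks, not code from the skill-scanner-guard project; the severity labels High/Critical/Medium follow the page's gate (block / warn), while the function names, the path-containment rule and the timestamp suffix on quarantined directories are assumptions of this example.

```shell
#!/bin/sh
# Added example (not the skill-scanner-guard project's scripts): guard rails
# for an automated scan-and-quarantine gate.

# valid_slug NAME: accept only letters, digits, '.', '_' and '-'; reject empty
# names, names starting with '.', and anything containing a path separator.
valid_slug() {
  case "$1" in
    ''|.*|*/*) return 1 ;;
  esac
  case "$1" in
    *[!A-Za-z0-9._-]*) return 1 ;;
  esac
  return 0
}

# gate_action SEVERITY: High/Critical block, Medium warns, anything else allows
# (severity labels assumed to match the page's description of the gate).
gate_action() {
  case "$1" in
    High|Critical) echo block ;;
    Medium)        echo warn ;;
    *)             echo allow ;;
  esac
}

# quarantine_allowed SKILLS_DIR TARGET: TARGET must be an existing directory
# strictly inside SKILLS_DIR after symlinks are resolved (pwd -P), so a slug
# that resolves elsewhere can never cause a move outside the skills tree.
quarantine_allowed() {
  skills_dir=$(cd "$1" 2>/dev/null && pwd -P) || return 1
  target=$(cd "$2" 2>/dev/null && pwd -P) || return 1
  [ "$target" != "$skills_dir" ] || return 1
  case "$target" in
    "$skills_dir"/*) return 0 ;;
    *) return 1 ;;
  esac
}

# quarantine_if_needed SKILLS_DIR SKILL_DIR SEVERITY QUARANTINE_DIR
# Prints the action taken: allow, warn, refused (containment check failed)
# or quarantined. Only a blocking severity leads to a move.
quarantine_if_needed() {
  action=$(gate_action "$3")
  [ "$action" = block ] || { echo "$action"; return 0; }
  quarantine_allowed "$1" "$2" || { echo refused; return 1; }
  mkdir -p "$4"
  # Timestamp suffix (assumed convention) keeps repeated quarantines of the
  # same slug from overwriting each other.
  mv "$2" "$4/$(basename "$2").$(date +%s)"
  echo quarantined
}
```

Running this against a scratch directory shows the intended behaviour: a Medium finding returns `warn` and leaves the directory alone, a High finding on a directory inside the skills tree returns `quarantined`, and the same High finding on a path outside the tree returns `refused` without touching anything.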
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install skill-scanner-guard
- After installation, invoke the skill by name or use /skill-scanner-guard
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
Added env declarations and confirmed references directory inclusion.
v1.0.1
Fixed binary declarations and renamed internally to openclaw-skill-scanner.
v1.0.0
Security hardening pass.
v0.1.1
Add MIT license field; align local skill folder name + internal paths with published slug skill-scanner-guard.
v0.1.0
Initial release: scan OpenClaw skills with cisco-ai-defense/skill-scanner; block High/Critical; allow Medium+warn; auto-scan + quarantine on ~/.openclaw/skills changes via systemd user path unit; wrappers for folder installs and ClawHub installs.
Frequently Asked Questions
What is Openclaw Skill Scanner?
Security gate for OpenClaw AgentSkills. Scans folder/ClawHub skills with cisco-ai-defense/skill-scanner before installation. Supports manual scans, staged in... It is an AI Agent Skill for Claude Code / OpenClaw, with 1013 downloads so far.
How do I install Openclaw Skill Scanner?
Run "/install skill-scanner-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Openclaw Skill Scanner free?
Yes, Openclaw Skill Scanner is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Openclaw Skill Scanner support?
Openclaw Skill Scanner is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Openclaw Skill Scanner?
It is built and maintained by Jason O'Neal (@jason-allen-oneal); the current version is v1.0.2.