← Back to Skills Marketplace

Skill Security Guard

Name: Skill Security Guard
Author: sukimgit

by sukimgit · GitHub ↗ · v1.0.2 · MIT-0

cross-platform ✓ Security Clean

187

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install skill-security-guard-publish

Description

Skill 安全扫描器 - 检测第三方技能的恶意代码、信息泄露等安全风险，保护你的 AI 助手安全！

Usage Guidance

This skill appears to be a legitimate local security scanner. Before running it: 1) don’t point it at system root or sensitive directories (e.g., /, your home, or cloud creds directories) while running as an elevated user—it will read files and could report sensitive content; 2) expect active network checks if you allow network scanning or if the scanner is configured to validate discovered URLs (these can contact remote hosts); 3) review scanner output and the rules/whitelist (rules/safe_domains.json) and avoid running it with root unless necessary; 4) verify you trust the skill source/author before giving it access to private repositories or directories. If you want extra assurance, inspect scanner.py for any data exfiltration paths (e.g., code that posts findings to remote servers) — none were evident in the provided files, but the full scanner.py and remaining truncated files should be reviewed if you need maximum assurance.

Capability Analysis

Type: OpenClaw Skill Name: skill-security-guard-publish Version: 1.0.2 The skill bundle is a security auditing tool designed to scan other OpenClaw skills for malicious code, hardcoded secrets, and risky configurations. It utilizes static analysis (AST and regex) in scanner.py and various checker modules (code_checker.py, sensitive_checker.py) to identify patterns like RCE, data exfiltration, and unauthorized file access. While the bundle includes active system and network probing capabilities in network_checker.py (e.g., port scanning and firewall status checks), these behaviors are consistent with its stated purpose as a 'Security Guard' and show no evidence of malicious intent, unauthorized data exfiltration, or prompt injection.

Capability Assessment

✓ Purpose & Capability

Name/description (security scanner) align with what is included: multiple checker modules (code/file/network/sensitive), a CLI entry (scanner.py), and a whitelist file. Required binary is only python and no unrelated credentials or unusual system paths are requested.

ℹ Instruction Scope

SKILL.md instructs running python scanner.py against a skill or directory. The scanner legitimately reads files, parses code (AST/regex), and may detect/flag env var usage or URLs. Note: the included network_checker can perform active network operations (port checks, SSL retrievals) and file_checker will stat/read files; these behaviors are expected for this tool but mean it will access local files and may perform network probes of hosts it discovers or is asked to check.

✓ Install Mechanism

No install spec — instruction-only invocation requiring only Python 3.7+. The code uses only standard-library modules per files shown, matching the SKILL.md claim of 'no extra packages'. No remote downloads or archive extraction are present.

✓ Credentials

The skill requests no environment variables or credentials. The code scans for patterns that indicate environment-variable usage in target code but does not itself require or exfiltrate credentials. No disproportionate secrets access is declared.

✓ Persistence & Privilege

The skill is not always-enabled and does not request elevated platform privileges. It does run code that may call subprocesses (netsh/iptables/systemctl) when checking firewall status — these calls are limited and expected for a network/security scanner, but may require appropriate OS permissions when executed.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install skill-security-guard-publish
After installation, invoke the skill by name or use /skill-security-guard-publish
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.2

- 修复 Windows 编码问题（报告 emoji 无法显示） - 添加 UTF-8 编码支持

v1.0.1

Version 1.0.1 - Code refactored to include complete docstrings, type hints, and PEP 8 compliance. - Improved error messaging with user-friendly details and troubleshooting suggestions. - Unified interface standard for all checkers. - Documentation clarified and enhanced. - Added new checker modules for structure and clarity. - Removed redundant release notes file.

v1.0.0

Initial release of skill-security-guard: - Detects malicious code, information leaks, and other security risks in third-party skills. - Scans and reports on HTTP/HTTPS requests, file operations, dangerous functions, and sensitive information. - Provides risk scoring and actionable security suggestions. - Easy CLI usage; supports single-skill or directory scans with verbose reporting. - White-listing and custom rule support to reduce false positives.

Metadata

Slug skill-security-guard-publish

Version 1.0.2

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 3

Frequently Asked Questions

What is Skill Security Guard?

Skill 安全扫描器 - 检测第三方技能的恶意代码、信息泄露等安全风险，保护你的 AI 助手安全！. It is an AI Agent Skill for Claude Code / OpenClaw, with 187 downloads so far.

How do I install Skill Security Guard?

Run "/install skill-security-guard-publish" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Skill Security Guard free?

Yes, Skill Security Guard is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Skill Security Guard support?

Skill Security Guard is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Skill Security Guard?

It is built and maintained by sukimgit (@sukimgit); the current version is v1.0.2.

More Skills