← Back to Skills Marketplace
Auto Skill Scanner
by
ohmanymoneygomyhome-creator
· GitHub ↗
· v1.0.4
· MIT-0
116
Downloads
0
Stars
0
Active Installs
5
Versions
Install in OpenClaw
/install auto-skill-scanner
Description
Auto Skill Scanner - 自动化AI技能安全监控工具。每日自动扫描已安装的OpenClaw技能,发现硬编码凭证、Shell注入、网络泄露等安全隐患,报告推送至Telegram/飞书等渠道。触发词:scan skills、扫描技能、安全扫描。
README (SKILL.md)
🛡️ Auto Skill Scanner
自动化AI技能安全监控工具
🔍 功能特点
- 🔍 全面扫描 - 检查所有已安装的技能(npm包+扩展+workspace)
- 🛡️ 四大威胁检测
- 🔴 硬编码凭证(密码、API密钥)
- 🔴 环境变量泄露
- 🔴 Shell注入风险
- 🔴 网络请求外泄
- ⏰ 定时扫描 - 每24小时自动执行
- 📱 多渠道推送 - 自动发送到所有已配置的Channel
- 🎯 精准定位 - 告诉你是哪一行代码有问题
⚠️ 重要:首次使用
安装后需要手动触发一次来激活定时扫描!
激活步骤
- 安装 skill:
clawhub install auto-skill-scanner
- 在任意对话框发送:
扫描技能
或
scan skills
-
首次触发后会自动:
- 执行首次安全扫描
- 创建每24小时的定时扫描任务
- 报告发送到你的消息渠道
-
之后每天会自动扫描,无需任何操作
📋 安全等级
| 等级 | 含义 | 建议 |
|---|---|---|
| 🔴 CRITICAL | 严重漏洞 | 立即卸载 |
| 🟠 HIGH | 高危风险 | 需人工确认 |
| 🟡 MEDIUM | 中危隐患 | 可选处理 |
| ⚪ INFO | 最佳实践 | 可忽略 |
🎯 使用场景
场景1:日常监控(无需操作)
每天自动扫描,有问题会主动推送报告
场景2:新skill安装后
下次扫描自动覆盖,结果推送到你的渠道
场景3:主动检查
随时发送"扫描技能"立即检查
📊 报告示例
🛡️ Skill Audit Report
AI技能安全扫描 — 守护你的Agent
━━━━━━━━━━━━━━━━━━━━
📊 扫描概况
已扫描:53 个技能
✅ 安全:52 个
⚠️ 有隐患:1 个
📋 隐患详情
🔸 some-skill
🔴 严重 1 个
→ Hardcoded credentials
💡 处理建议
🔴 立即卸载 /remove some-skill
━━━━━━━━━━━━━━━━━━━━
🛠 技术细节
- 扫描引擎: Python正则表达式静态分析
- 扫描范围: npm包技能、扩展技能、工作区技能
- 定时任务: 通过OpenClaw cron实现
- 多渠道: 自动发现并发送到所有活跃渠道
✅ 安装要求
- OpenClaw 运行环境
- Python 3.7+
- 至少配置了一个消息渠道(Telegram/飞书等)
📦 安装
clawhub install auto-skill-scanner
⚙️ 工作原理
安装 → 手动触发一次 → 设置定时cron → 每日自动扫描
首次触发时,脚本会自动:
- 扫描所有已安装技能
- 发现所有活跃消息渠道
- 创建每日定时任务
- 发送首次扫描报告
Usage Guidance
Before installing: 1) Review the included Python files yourself (scripts/skill_audit.py and scripts/scan_and_report.py). They perform local static analysis and will read your installed-skill directories and OpenClaw session file (~/.openclaw/agents/.../sessions.json). 2) Understand that after one manual trigger the skill will create daily cron jobs that run the scanner and post reports to all discovered channels — this can expose discovered secrets to shared channels. If you want this behavior, restrict which channels the agent uses or modify the script to require manual approval before posting critical findings. 3) Ensure 'openclaw' CLI and Python3 are available (the code calls openclaw cron add/list), and expect the installer to attempt to create cron entries; the metadata does not declare these requirements. 4) Consider running the scanner in a safe test account or isolated environment first; examine the report output locally (the script prints reports) and verify no sensitive secrets are being forwarded to unintended recipients. 5) If you install, check and audit created cron jobs (openclaw cron list) and verify/report routing; remove or disable automatic posting if you prefer manual triage.
Capability Analysis
Type: OpenClaw Skill
Name: auto-skill-scanner
Version: 1.0.4
The skill functions as an automated security scanner but employs high-risk behaviors including programmatic persistence and sensitive data discovery. It reads 'sessions.json' to extract active communication channels and uses 'subprocess.run' to register itself as a recurring 24-hour cron job via the 'openclaw' CLI. While these actions align with the stated goal of automated reporting, the broad access to session configurations and the self-scheduling persistence mechanism are high-privilege operations typical of monitoring tools that could be repurposed for unauthorized data collection. Files involved: scripts/scan_and_report.py and scripts/skill_audit.py.
Capability Assessment
Purpose & Capability
The name/description match the implementation: the Python scanner statically scans installed skills and formats a report. It also discovers active channels and uses the OpenClaw cron subsystem to schedule daily runs. However, the skill relies on the 'openclaw' CLI being available (calls openclaw cron list/add) and Python 3 on the host but does not declare required binaries in metadata — a minor incoherence.
Instruction Scope
SKILL.md promises automatic daily scans and multi-channel report delivery; the code implements this and will enumerate installed skills and sessions (reads ~/.openclaw/agents/.../sessions.json and various skills directories). That scope is functionally consistent but sensitive: the scanner will read arbitrary skill files and may include secrets in its findings, then automatically push those findings to every discovered active channel without an additional human review step. Automatic broadcasting of discovered secrets to multiple channels (including shared channels) is a data-leak risk and may be surprising to administrators.
Install Mechanism
No external downloads or installer scripts are included; this is an instruction + Python script bundle. No install spec that pulls remote archives was found, so there is low install-supply-chain risk from this package itself.
Credentials
The skill does not request environment variables or credentials, which is appropriate, but it reads user-local configuration and session files (e.g., ~/.openclaw/agents/.../sessions.json and various skill directories) to discover channels and skills. Reading those paths is inherent to the scanner's purpose but has high sensitivity because session entries may contain channel addresses/tokens and skills may contain secrets. The skill also relies on the 'openclaw' CLI and Python but those are not declared in metadata.
Persistence & Privilege
The skill does not set always:true, but it will create persistent cron jobs via the OpenClaw cron API (by invoking the 'openclaw' CLI) after the first manual trigger. That grants continuing, autonomous scanning/reporting capability — expected for a monitoring tool but important to note because it performs recurring actions that can publish sensitive findings automatically.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install auto-skill-scanner - After installation, invoke the skill by name or use
/auto-skill-scanner - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.4
Fixed: improved skill discovery to find npm package skills, deduplication of scan results
v1.0.3
Fixed: exclude list now includes auto-skill-scanner, improved cron job detection
v1.0.2
Updated documentation to clearly explain the first-time trigger requirement
v1.0.1
Fixed: Auto-setup cron jobs on first trigger. Now automatically configures daily scanning and channel delivery when user says 'scan skills'.
v1.0.0
Automated AI skill security monitoring with daily auto-scan and multi-channel reporting
Metadata
Frequently Asked Questions
What is Auto Skill Scanner?
Auto Skill Scanner - 自动化AI技能安全监控工具。每日自动扫描已安装的OpenClaw技能,发现硬编码凭证、Shell注入、网络泄露等安全隐患,报告推送至Telegram/飞书等渠道。触发词:scan skills、扫描技能、安全扫描。 It is an AI Agent Skill for Claude Code / OpenClaw, with 116 downloads so far.
How do I install Auto Skill Scanner?
Run "/install auto-skill-scanner" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Auto Skill Scanner free?
Yes, Auto Skill Scanner is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Auto Skill Scanner support?
Auto Skill Scanner is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Auto Skill Scanner?
It is built and maintained by ohmanymoneygomyhome-creator (@ohmanymoneygomyhome-creator); the current version is v1.0.4.
More Skills