← Back to Skills Marketplace
andyxinweiminicloud

Blast Radius Estimator

by andyxinweiminicloud · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
536
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install blast-radius-estimator
Description
Helps estimate the blast radius when an AI agent skill turns malicious after widespread adoption. Analyzes inheritance chains, dependency graphs, and adoptio...
README (SKILL.md)

What Happens When 1000 Agents Inherit a Malicious Skill? Estimating Blast Radius

Helps estimate the downstream impact of a compromised skill by tracing its inheritance chains, adoption velocity, and dependency depth.

Problem

A skill is safe today. 500 agents adopt it. Then the publisher pushes a malicious update. How many agents are now compromised? In traditional software, dependency trees are well-mapped (npm audit, pip-audit). In agent marketplaces, inheritance is implicit, version pinning is rare, and there's no npm audit equivalent. A single poisoned skill can propagate through evolution chains — agents inherit it, build on it, and pass it further. Without blast radius awareness, one bad update can silently compromise an entire skill subtree.

What This Checks

This estimator traces the potential impact of a compromised skill through the ecosystem:

  1. Direct adopters — How many agents currently use this skill directly? Based on download counts, citation data, and known installations
  2. Inheritance depth — How many layers deep does this skill appear in other skills' dependency chains? A skill used by skills used by skills multiplies impact
  3. Adoption velocity — How fast is adoption growing? A skill gaining 50 adopters/week has higher urgency than one with 2 adopters/month
  4. Version pinning check — Do downstream adopters pin to a specific version, or do they track latest? Unpinned adopters receive malicious updates automatically
  5. Capability composition — What can this skill do when combined with the capabilities of its adopters? A "read files" skill adopted by agents that also "send HTTP requests" enables data exfiltration chains

How to Use

Input: Provide one of:

  • A Gene/Capsule identifier (URL, SHA-256, or slug)
  • A marketplace asset page URL
  • A skill name to search for in the ecosystem

Output: A blast radius report containing:

  • Estimated direct and transitive impact count
  • Inheritance tree visualization
  • Adoption trend (growing / stable / declining)
  • Worst-case scenario projection
  • Urgency rating: LOW / MODERATE / HIGH / CRITICAL

Example

Input: Estimate blast radius for skill json-schema-validator (popular utility)

💥 BLAST RADIUS ESTIMATE — HIGH urgency

Direct adopters: ~340 agents
Transitive dependents: ~1,200 agents (via 3 intermediate skills)

Inheritance tree:
  json-schema-validator (target)
  ├── api-tester-pro (89 adopters)
  │   ├── full-stack-auditor (210 adopters)
  │   └── rest-api-fuzzer (45 adopters)
  ├── config-validator (156 adopters)
  │   └── deploy-checker (340 adopters)
  └── data-pipeline-lint (67 adopters)

Adoption velocity: +38 direct adopters/week (ACCELERATING)
Version pinning: 12% of adopters pin version, 88% track latest

Capability composition risk:
  json-schema-validator (parse files) + api-tester-pro (send HTTP)
  → If compromised: parsed file contents could be exfiltrated via HTTP

Worst-case projection: A malicious update would reach ~1,200 agents
within 48 hours (based on update check frequency of unpinned adopters).

Urgency: HIGH — High adoption velocity + low version pinning means
a malicious update would propagate rapidly with minimal friction.

Recommendations:
  - Monitor this skill's updates with priority
  - Encourage adopters to pin versions
  - Set up automated diff alerts on new versions

Limitations

Blast radius estimation relies on available adoption data, which may be incomplete in decentralized marketplaces. Actual impact depends on how agents consume updates (auto-update vs manual), which varies by platform. Estimates represent potential exposure, not confirmed compromise. This tool helps prioritize which skills warrant closer monitoring — it does not predict whether a skill will actually turn malicious.

Usage Guidance
This skill appears coherent and low-risk as an instruction-only tool that fetches web data and analyzes it with Python. Before installing or enabling it: confirm where it will obtain adoption/installation metrics (public pages vs private API), and whether it will later request API keys or elevated access; if you expect private marketplace data, require declared credentials and explicit consent before providing them. Consider limiting autonomous invocation or network access if you do not want the agent to perform broad web scraping on its own. Finally, test with a non-sensitive identifier to validate outputs and observe what external endpoints are contacted.
Capability Analysis
Type: OpenClaw Skill Name: blast-radius-estimator Version: 1.0.0 The OpenClaw skill 'blast-radius-estimator' is designed to analyze the potential impact of other malicious skills. The `SKILL.md` clearly describes its purpose, inputs, and outputs, which are all related to security analysis and risk estimation. It declares a dependency on common binaries (`curl`, `python3`) which are plausible for its stated analytical function (e.g., fetching marketplace data, processing it). There are no instructions for the agent to perform any harmful actions, exfiltrate data, establish persistence, or execute arbitrary code. The documentation discusses data exfiltration and compromise scenarios, but only in the context of what the *estimator* analyzes in *other* skills, not as actions performed by this skill itself. No prompt injection attempts or malicious indicators were found.
Capability Assessment
Purpose & Capability
The name and description (estimating blast radius from adoption/inheritance) align with the declared requirements: curl to fetch web/marketplace pages and python3 to analyze/visualize data. Requiring no credentials is reasonable for public data scanning; the skill does not ask for unrelated capabilities.
Instruction Scope
SKILL.md confines itself to taking an identifier/URL and producing an adoption/inheritance analysis. It does not instruct the agent to read local files, environment secrets, or other system state. However, it is vague about what external data sources or APIs will be used and how (e.g., scraping public pages vs. querying private marketplace APIs), which affects what the tool can actually deliver.
Install Mechanism
No install spec and no code files — instruction-only. This is low-risk: nothing is downloaded or written to disk by the skill package itself.
Credentials
The skill requests no environment variables or credentials. That is proportionate for analyses that rely on public data. If private marketplace metrics or account-scoped download counts are required, the SKILL.md does not declare those credentials, which would be needed later.
Persistence & Privilege
always is false and the skill is user-invocable. disable-model-invocation is false (normal). There is no indication the skill requests persistent system privileges or config changes.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install blast-radius-estimator
  3. After installation, invoke the skill by name or use /blast-radius-estimator
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release — Estimate and visualize the potential blast radius of a compromised AI agent skill. - Calculates direct and transitive impact counts by analyzing inheritance chains and dependency graphs. - Measures adoption velocity to assess urgency. - Checks for version pinning among downstream adopters. - Projects worst-case scenarios and issues urgency ratings. - Generates blast radius reports with inheritance tree visualizations and recommendations.
Metadata
Slug blast-radius-estimator
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Blast Radius Estimator?

Helps estimate the blast radius when an AI agent skill turns malicious after widespread adoption. Analyzes inheritance chains, dependency graphs, and adoptio... It is an AI Agent Skill for Claude Code / OpenClaw, with 536 downloads so far.

How do I install Blast Radius Estimator?

Run "/install blast-radius-estimator" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Blast Radius Estimator free?

Yes, Blast Radius Estimator is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Blast Radius Estimator support?

Blast Radius Estimator is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Blast Radius Estimator?

It is built and maintained by andyxinweiminicloud (@andyxinweiminicloud); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments