
EvoMap Security Auditor

by marcusqin111-boop · GitHub ↗ · v1.3.0
cross-platform ⚠ suspicious
Downloads: 606 · Stars: 0 · Active Installs: 8 · Versions: 1
Install in OpenClaw
/install evomap-auditor
Description
Performs security scans on third-party skills, validates asset hashes, and enforces sandboxed zero-trust execution within the EvoMap ecosystem.
README (SKILL.md)

EvoMap Auditor Skill

This skill provides specialized procedures for maintaining security and trust within the EvoMap (GEP-A2A) ecosystem.

Core Workflows

1. Skill Security Scan

Before inheriting or executing any third-party skill (Capsule), perform a static analysis of its substance:

  • Check for require('child_process'), require('fs'), or require('os').
  • Flag any use of native Node.js modules that are not explicitly authorized.
  • Identify potential "Inheritance Poisoning" by checking if the Capsule modifies local environment variables.
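
The checks listed above, sketched as a text-level scanner. This is an added example, not code shipped with the skill; `scanCapsule`, its `authorized` parameter, the rule names and the sample source are hypothetical. It also covers `import` syntax and the `node:` prefix, which load the same modules as `require`.

```javascript
// Added example (not from the skill): text-level scan of a Capsule's source.
const { builtinModules } = require('node:module');
const BUILTINS = new Set(builtinModules.map((m) => m.replace(/^node:/, '')));

// Matches require('x'), import('x'), import 'x' and ... from 'x',
// with or without the node: prefix; group 2 is the module specifier.
const MODULE_REF =
  /(?:\brequire\s*\(\s*|\bimport\s*\(?\s*|\bfrom\s*)(['"`])(?:node:)?([\w/-]+)\1/g;

// Writes to process.env: assignment, delete, or Object.assign onto it.
const ENV_WRITE = [
  /process\.env(?:\.\w+|\[[^\]]+\])\s*(?:\+|\|\||\?\?)?=(?!=)/,
  /\bdelete\s+process\.env\b/,
  /Object\.assign\s*\(\s*process\.env\b/,
];

// Returns one finding per flagged reference; `authorized` lists the built-in
// modules the reviewer has explicitly allowed (hypothetical parameter).
function scanCapsule(source, authorized = []) {
  const allowed = new Set(authorized);
  const findings = [];
  source.split('\n').forEach((text, i) => {
    for (const m of text.matchAll(MODULE_REF)) {
      const root = m[2].split('/')[0]; // 'fs/promises' -> 'fs'
      if (BUILTINS.has(root) && !allowed.has(root)) {
        findings.push({ line: i + 1, rule: 'native-module', detail: root });
      }
    }
    if (ENV_WRITE.some((re) => re.test(text))) {
      findings.push({ line: i + 1, rule: 'env-write', detail: text.trim() });
    }
  });
  return findings;
}

// Constructed sample input, not taken from any real Capsule.
const SAMPLE = [
  "const { execSync } = require('child_process');",
  "import { readFile } from 'node:fs/promises';",
  "const path = require('path');",
  "if (process.env.NODE_ENV === 'production') start();",
  "process.env.PATH = '/opt/capsule/bin:' + process.env.PATH;",
].join('\n');

console.log(scanCapsule(SAMPLE, ['path']));
```

A pattern match over source text only reports what is written literally, so its findings are a triage signal for review and do not replace the runtime isolation described in workflow 3.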

2. Canonical Integrity Validation

Validate that a skill's asset_id matches its content using the GEP Canonical JSON standard:

  1. Remove asset_id from the object.
  2. Recursively sort all keys alphabetically.
  3. Compute SHA256 hash.
  4. Compare with the provided asset_id.
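
The four steps above as an added Node.js example; it is not the skill's `scripts/gep_hash.js` and has not been checked against the GEP specification. Assumptions: only the top-level `asset_id` is removed, "alphabetically" means JavaScript's default string sort, the canonical text has no whitespace, and `asset_id` is the bare lowercase hex digest.

```javascript
// Added example (not the skill's scripts/gep_hash.js).
const { createHash } = require('node:crypto');

// Serialize parsed JSON with object keys in sorted order at every depth.
// The text is built by hand rather than by re-inserting sorted keys into a
// new object: JavaScript always enumerates integer-like keys ("2", "10")
// first and in numeric order, which would silently undo the sort.
function canonicalJson(value) {
  if (Array.isArray(value)) {
    // Array order is part of the content, so it is preserved.
    return '[' + value.map(canonicalJson).join(',') + ']';
  }
  if (value !== null && typeof value === 'object') {
    const members = Object.keys(value)
      .sort() // assumption: "alphabetically" = UTF-16 code unit order
      .map((k) => JSON.stringify(k) + ':' + canonicalJson(value[k]));
    return '{' + members.join(',') + '}';
  }
  return JSON.stringify(value); // string, number, boolean, null
}

// Steps 1-3: drop the top-level asset_id, canonicalize, hash.
function computeAssetId(asset) {
  const { asset_id, ...content } = asset;
  return createHash('sha256').update(canonicalJson(content), 'utf8').digest('hex');
}

// Step 4: compare. Assumption: asset_id is the bare lowercase hex digest.
function verifyAsset(asset) {
  return typeof asset.asset_id === 'string' &&
    asset.asset_id === computeAssetId(asset);
}

// Constructed sample Capsule; every field name except asset_id is made up.
const capsule = {
  name: 'demo',
  steps: [{ run: 'lint', id: 1 }],
  meta: { 10: 'x', 2: 'y' },
};
capsule.asset_id = computeAssetId(capsule);

console.log(verifyAsset(capsule));                        // content matches
console.log(verifyAsset({ ...capsule, name: 'demo2' }));  // content changed
```

Two implementations agree on an `asset_id` only if they agree on every serialization detail (key order, number formatting, string escaping), so the publisher's reference script should be compared against any independent verifier before its results are trusted.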

3. Sandbox Execution (ShieldCapsule)

When executing untrusted code, wrap it in a Shield-Verified sandbox:

  • Intercept all filesystem calls.
  • Redirect network egress to an allowlist-only proxy.
  • Log all "Blast Radius" impacts for future auditing.

Reference

Usage Guidance
This skill includes a small, benign Node.js helper that computes a canonical SHA256 hash and clear static-check guidelines — that part is coherent. But it also claims to enforce sandboxing and control network egress without providing the code, proxy endpoints, or configuration needed to do so. Before installing or granting this skill authority: (1) ask the publisher for the sandbox implementation and the exact mechanism that will intercept filesystem/network calls, (2) request the allowlist/proxy configuration and any credentials the skill expects to use, (3) if you plan to use it to inspect other skills, run it in an isolated environment (separate VM/container) until you can verify its enforcement mechanisms, and (4) review the full source for any runtime components (there currently are none). Because of these unimplemented but security-critical promises, treat this skill with caution.
Capability Analysis
Type: OpenClaw Skill
Name: evomap-auditor
Version: 1.3.0

The OpenClaw skill 'evomap-auditor' is designed for security auditing and integrity validation within the EvoMap ecosystem. The `SKILL.md` outlines legitimate security checks (e.g., detecting `child_process`, `fs`, `os` usage, environment variable modification) and describes integrity validation and sandboxing. The `scripts/gep_hash.js` file implements the canonical hashing logic described in the documentation, using the standard Node.js `crypto` module to compute SHA256 hashes. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, obfuscation, or prompt injection attempts against the agent. All components align with the stated purpose of enhancing security.
Capability Assessment
Purpose & Capability
The name/description match the included capabilities for static scanning and canonical hash validation (the small gep_hash.js implements the described SHA256 canonicalization). However, the skill also claims to 'enforce zero-trust execution' and 'Shield-Verified sandbox' behavior but provides no code, binaries, or configuration to actually implement sandboxing or network egress controls. That claim is disproportionate to the provided artifacts.
Instruction Scope
SKILL.md sensibly lists checks to perform (e.g., flagging use of child_process/fs/os and checking for environment modification). But it also instructs the agent to 'Intercept all filesystem calls' and 'Redirect network egress to an allowlist-only proxy' without specifying how to do this, what proxy to use, or what hooks are authorized. The instructions are vague and grant the agent broad discretion when interacting with untrusted code, which increases risk and potential for unintended data access.
Install Mechanism
This is instruction-only with no install spec and a tiny included Node.js script. No downloads or install steps are requested, which is low-risk and consistent with the skill's static-analysis and hashing functions.
Credentials
The skill requests no environment variables, credentials, or config paths — reasonable for hashing and static checks. However, the instructions imply network egress control and allowlists but provide no declared proxy URL, credentials, or platform-level permissions to realize that functionality; missing required configuration is a coherence gap.
Persistence & Privilege
The skill is not always-enabled and is user-invocable; it does not request persistent presence or modification of other skills' configurations. Autonomous invocation is allowed by default but is not combined here with other high-risk privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install evomap-auditor
  3. After installation, invoke the skill by name or use /evomap-auditor
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.3.0
Initial release: Advanced GEP-A2A security standards and auditing tools. Built for the post-outage EvoMap ecosystem.
Metadata
Slug evomap-auditor
Version 1.3.0
License
All-time Installs 9
Active Installs 8
Total Versions 1
Frequently Asked Questions

What is EvoMap Security Auditor?

Performs security scans on third-party skills, validates asset hashes, and enforces sandboxed zero-trust execution within the EvoMap ecosystem. It is an AI Agent Skill for Claude Code / OpenClaw, with 606 downloads so far.

How do I install EvoMap Security Auditor?

Run "/install evomap-auditor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is EvoMap Security Auditor free?

Yes, EvoMap Security Auditor is completely free (open-source). You can download, install and use it at no cost.

Which platforms does EvoMap Security Auditor support?

EvoMap Security Auditor is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created EvoMap Security Auditor?

It is built and maintained by marcusqin111-boop (@marcusqin111-boop); the current version is v1.3.0.
