← Back to Skills Marketplace
Devin Floyd
by
Devin Floyd
· GitHub ↗
· v1.0.0
543
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install clawguarddevin
Description
Security scanner for OpenClaw/Clawdbot skills - detect malicious patterns before installation
README (SKILL.md)
ClawGuard
Security Scanner for OpenClaw/Clawdbot Skills
Protect yourself from malicious skill installations. ClawGuard scans skills for dangerous patterns before you install them - including patterns from the ClawHavoc campaign (341 malicious skills discovered by Koi Security).
Quick Start
# Scan a skill by name
python scan.py --skill \x3Cskill-name>
# Scan a skill by path
python scan.py --path /path/to/skill
# Scan all installed skills
python scan.py --all
What It Detects
| Category | Examples | Severity |
|---|---|---|
| 🔴 Reverse Shells | socket.connect(), pty.spawn(), /dev/tcp | Critical |
| 🔴 Data Exfiltration | requests.post() to suspicious TLDs | Critical |
| 🔴 Credential Harvest | Reading ~/.ssh/id_rsa, AWS credentials | Critical |
| 🔴 Obfuscation | base64.b64decode(exec), chr() chains | Critical |
| 🔴 ClawHavoc IOCs | glot.io scripts, fake Apple URLs, known C2 IPs | Critical |
| 🟠 Code Execution | exec(), eval(), subprocess | High |
| 🟡 Suspicious Network | URL shorteners, weird ports | Medium |
Output Formats
# Console (default) - colored terminal output
python scan.py --skill github
# JSON - machine-readable for CI/CD
python scan.py --skill github --format json
# Markdown - for sharing reports
python scan.py --skill github --format markdown
Risk Scoring
| Score | Level | Action |
|---|---|---|
| 0-10 | 🟢 Safe | Install freely |
| 11-25 | 🟢 Low | Quick review |
| 26-50 | 🟡 Medium | Review findings |
| 51-75 | 🔴 High | Review carefully |
| 76-100 | 🔴 Critical | Do not install |
IOC Database
70+ indicators of compromise including:
- Remote access (reverse shells, C2)
- Data exfiltration
- Credential harvesting
- Code obfuscation
- Real ClawHavoc campaign IOCs (from Koi Security research)
- Known malicious IPs, hashes, and skill names
Requirements
- Python 3.8+
- No external dependencies (stdlib only)
Credits
IOCs enriched with research from Koi Security - ClawHavoc campaign analysis by Oren Yomtov and Alex.
Links
Built for the Clawdbot community 🐾
Usage Guidance
This skill reads like documentation for a scanner but does not include the scanner code. Do not run commands like python scan.py unless you first verify the code's provenance. Before installing or running: 1) Inspect the referenced GitHub repository to confirm scan.py and the IOC database actually exist and review their source; 2) Require an explicit install or packaging method (or include scan.py in the skill bundle) so you don't have to fetch code manually; 3) If you must test untrusted scanner code, run it in a disposable sandbox/container and audit network calls and file access; 4) Ask the publisher for a reproducible install/test procedure and for provenance (commit history, trusted maintainer); 5) Prefer scanners distributed via well-known package sources or that include their code in the skill bundle. Providing the missing scan.py and an install spec (or a verified repo URL and commit hash) would materially increase confidence.
Capability Analysis
Type: OpenClaw Skill
Name: clawguarddevin
Version: 1.0.0
The OpenClaw skill bundle 'clawguarddevin' is a security scanner designed to detect malicious patterns in other OpenClaw skills. The `SKILL.md` file clearly describes its purpose, detection capabilities (e.g., reverse shells, data exfiltration, credential harvesting, obfuscation), and usage instructions. There is no evidence of prompt injection against the agent, nor any malicious code or instructions within the `clawguard` skill itself. The other files are clearly labeled as `tests/fixtures/` and serve as examples of both benign and malicious skills that the `clawguard` scanner is intended to analyze, not as components of the `clawguard` skill's own malicious behavior.
Capability Assessment
Purpose & Capability
The skill's name/description say it's a security scanner, which would reasonably require a scanner binary/script or an install step. The SKILL.md shows CLI usage (python scan.py ...) and describes an IOC database, but the package contains no scan.py, no executable, and no install mechanism — mismatch between claimed capability and what's actually provided.
Instruction Scope
Runtime instructions instruct the agent/user to run python scan.py against skills or paths and to produce JSON/markdown output, but there is no scan.py included and no guidance to obtain it. That gap could cause an agent or user to fetch and execute code from external sources without clear provenance.
Install Mechanism
There is no install spec (instruction-only). That lowers persistence risk, but for a scanner this is unusual — a legitimate scanner would typically include code or an install step. A GitHub repo link is present in the SKILL.md, but no automated install/clone instruction is provided.
Credentials
The skill requests no environment variables, credentials, or config paths. The declared requirements (Python 3.8+, stdlib only) are proportionate to a simple static scanner. The SKILL.md does not instruct reading unrelated secrets or system files.
Persistence & Privilege
No elevated persistence requested (always:false). The skill is user-invocable and allows normal autonomous invocation, which is expected. It does not request system-wide configuration changes.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clawguarddevin - After installation, invoke the skill by name or use
/clawguarddevin - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release — ClawGuard skill security scanner for OpenClaw/Clawdbot.
- Scans skills for malicious patterns, including reverse shells, data exfiltration, credential harvesting, obfuscation, code execution, and campaign-specific indicators.
- Supports scanning by skill name, file path, or all installed skills.
- Outputs results in console, JSON, or Markdown formats.
- Detailed risk scoring system with guidance based on score.
- IOC database includes 70+ compromise indicators, with ClawHavoc campaign coverage.
- Python 3.8+ only, no external dependencies required.
- Includes test fixture samples for clean and multiple types of malicious skills.
Metadata
Frequently Asked Questions
What is Devin Floyd?
Security scanner for OpenClaw/Clawdbot skills - detect malicious patterns before installation. It is an AI Agent Skill for Claude Code / OpenClaw, with 543 downloads so far.
How do I install Devin Floyd?
Run "/install clawguarddevin" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Devin Floyd free?
Yes, Devin Floyd is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Devin Floyd support?
Devin Floyd is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux, win32).
Who created Devin Floyd?
It is built and maintained by Devin Floyd (@devinfloyd1); the current version is v1.0.0.
More Skills