← Back to Skills Marketplace
1513
Downloads
0
Stars
10
Active Installs
1
Versions
Install in OpenClaw
/install openclaw-skill-auditor
Description
Scans ClawHub skills to detect malicious code, obfuscated payloads, and social engineering via pattern matching, deobfuscation, and LLM analysis before insta...
Usage Guidance
This skill appears to implement a legitimate scanner, but review before use: (1) be aware it expects (but doesn't declare) the 'clawhub' CLI to fetch remote skills and optionally an LLM CLI (Gemini) for deeper analysis — install and verify those tools from trusted sources first; (2) run the auditor in an isolated sandbox or VM when scanning untrusted skills because it fetches remote skill packages; (3) the script writes collected suspicious snippets to a predictable /tmp file and suggests sending them to an LLM or emailing a personal address — do NOT send secrets or plaintext sensitive files to third-party LLMs or personal emails; (4) if you plan to use the LLM analysis path, configure it to use a trusted, privacy-preserving endpoint or do the analysis offline; and (5) ask the author to explicitly declare required binaries/dependencies and to remove or make the reporting workflow safer (use a private/internal reporting channel). If you need higher assurance, run the script on a throwaway environment and manually inspect its output before following any 'send' recommendations.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-skill-auditor
Version: 1.0.0
The OpenClaw AgentSkills skill bundle 'skill-auditor' is designed to detect malicious code and security threats in other ClawHub skills. Its `SKILL.md` and `scripts/audit.sh` implement pattern matching, deobfuscation, and LLM analysis to identify high-risk behaviors like base64/curl piped to bash, known C2 servers (e.g., 91.92.242.30), credential theft keywords, and access to sensitive directories. All identified high-risk capabilities are for detection purposes, not execution by the skill itself. The script uses temporary files and `clawhub inspect` for its legitimate auditing function, and the LLM analysis step explicitly saves suspicious code locally and provides a prompt suggestion for the *user* to analyze it, rather than instructing the agent to perform malicious actions or exfiltrate data.
Capability Assessment
Purpose & Capability
SKILL.md and the script implement a skill-auditor as described, but the runtime relies on external CLIs ('clawhub inspect' to fetch skills and optional 'gemini' for LLM analysis) even though the skill declares no required binaries/dependencies. That omission is an incoherence — a scanner that fetches remote skills and optionally runs LLM analysis legitimately needs those tools declared.
Instruction Scope
The instructions and script scan skill files (expected) but also copy suspicious snippets to a predictable /tmp file and explicitly instruct the OpenClaw agent to analyze them with an LLM. That workflow can expose full suspicious code to any LLM or other actor the agent uses. The SKILL.md also encourages reporting findings by emailing a personal address ([email protected]), which could leak code or sensitive material. The script itself does not exfiltrate over network, but its guidance promotes sending data externally.
Install Mechanism
No install spec (instruction-only) — the skill does not download or install third-party code at install time, which minimizes direct install risk.
Credentials
The skill does not request any environment variables or credentials (good). It scans target code for uses of $API_KEY, ~/.ssh, ~/.aws, etc., which is appropriate for a scanner. However, because it encourages copying suspicious snippets to /tmp and sending them for LLM analysis or email, there's a privacy/credential-leak risk if scanned code contains real secrets.
Persistence & Privilege
The skill does not request persistent/always-on privileges and does not modify other skills or system-wide settings. It runs on demand and uses temporary files, which is appropriate for a scanner.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-skill-auditor - After installation, invoke the skill by name or use
/openclaw-skill-auditor - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: 3-layer security scanner for ClawHub skills. L1 pattern matching, L2 base64/hex deobfuscation, L3 LLM intent analysis.
Metadata
Frequently Asked Questions
What is OpenClaw Skill Auditor?
Scans ClawHub skills to detect malicious code, obfuscated payloads, and social engineering via pattern matching, deobfuscation, and LLM analysis before insta... It is an AI Agent Skill for Claude Code / OpenClaw, with 1513 downloads so far.
How do I install OpenClaw Skill Auditor?
Run "/install openclaw-skill-auditor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw Skill Auditor free?
Yes, OpenClaw Skill Auditor is completely free (open-source). You can download, install and use it at no cost.
Which platforms does OpenClaw Skill Auditor support?
OpenClaw Skill Auditor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw Skill Auditor?
It is built and maintained by sypsyp97 (@sypsyp97); the current version is v1.0.0.
More Skills