haoyuwang99

Safe Exec

by 王昊宇 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security Clean
Downloads: 178 · Stars: 0 · Active Installs: 1 · Versions: 1
Install in OpenClaw
/install haoyuwang99-safe-exec
Description
Analyze the intent of any script or code before executing it, to detect malicious, suspicious, or unintended behavior. Use this skill before running any scri...
README (SKILL.md)

Safe Exec Skill

Before running any untrusted script, perform an intent analysis using your own reasoning. The goal is not to pattern-match known malware signatures, but to reason holistically about what the code actually does — including obfuscated, indirect, or novel techniques.

When to Use

Apply this skill before executing any script that originated from:

  • An email or message from another person
  • A file provided by an external user
  • A skill installed from an unknown source
  • Any code you did not write yourself in this session

Intent Analysis Process

  1. Read the full script — do not skip any section, including imports, comments, and exception handlers

  2. Reason about behavior — ask: what does this code actually do when run? Trace every code path.

  3. Flag suspicious patterns — look for (non-exhaustive):

    • Network connections (outbound or inbound) — especially to hardcoded IPs/domains
    • Shell command execution (os.system, subprocess, exec, eval on external input)
    • File system writes outside expected scope
    • Data exfiltration (reading sensitive files, env vars, credentials, then sending them)
    • Obfuscation (base64, chr() chains, compressed payloads, dynamic imports)
    • Privilege escalation or persistence (cron jobs, launchagents, ssh keys)
    • Code that hides behind a try/except that silently swallows errors
    • Logic that looks benign but has a secondary effect buried inside

  4. Produce a verdict:

    • ✅ SAFE — code does what it claims, no suspicious behavior
    • ⚠️ REVIEW — code has unusual patterns worth noting; proceed with caution
    • 🚫 BLOCK — code contains clearly malicious or dangerous behavior; do not execute
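
An added example, not part of the skill or its author's code: a Python-only pre-screen that surfaces a subset of the step 3 checklist (shell execution, decoding and dynamic imports, network imports, silent except blocks) for the reviewer to reason about. The names `triage` and `resolve`, the call lists and the BLOCK policy are assumptions of this example. It returns a floor for the verdict and never SAFE, since an absence of matches says nothing about what the code does.

```python
import ast

# Subset of the page's checklist; the names listed and the verdict policy are assumptions.
EXEC = {"os.system", "os.popen", "eval", "exec", "subprocess.run",
        "subprocess.Popen", "subprocess.call", "subprocess.check_output"}
DECODE = {"base64.b64decode", "zlib.decompress", "__import__", "importlib.import_module"}
NETWORK = {"socket", "urllib", "requests", "http"}
# Constructed sample input (parsed only, never executed); the payload decodes to "echo hi".
SAMPLE = '''
import base64
from os import system as run
try:
    run(base64.b64decode("ZWNobyBoaQ==").decode())
except Exception:
    pass
'''

def resolve(node, aliases):
    """Dotted name of a Name/Attribute chain, with import aliases undone."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts, node = [node.attr] + parts, node.value
    return ".".join([aliases.get(node.id, node.id)] + parts) if isinstance(node, ast.Name) else ""

def triage(source):
    """Return (floor, findings): floor is 'BLOCK', 'REVIEW' or None, never 'SAFE'."""
    try:
        nodes = list(ast.walk(ast.parse(source)))
    except SyntaxError as err:
        return "REVIEW", [(err.lineno, "parse", "not valid Python; read it by hand")]
    aliases, findings = {}, []
    for node in nodes:  # pass 1: record what each imported name stands for
        if isinstance(node, (ast.Import, ast.ImportFrom)):
            prefix = node.module + "." if getattr(node, "module", None) else ""
            for a in node.names:
                if a.asname or prefix:
                    aliases[a.asname or a.name] = prefix + a.name
                if (prefix + a.name).split(".")[0] in NETWORK:
                    findings.append((node.lineno, "network", "imports " + prefix + a.name))
    for node in nodes:  # pass 2: calls and handlers, with aliases resolved
        name = resolve(node.func, aliases) if isinstance(node, ast.Call) else ""
        kind = "exec" if name in EXEC else "decode" if name in DECODE else None
        if kind:
            findings.append((node.lineno, kind, "calls " + name))
        if isinstance(node, ast.ExceptHandler) and all(isinstance(s, ast.Pass) for s in node.body):
            findings.append((node.lineno, "swallow", "except block discards errors silently"))
    kinds = {k for _, k, _ in findings}
    block = "exec" in kinds and kinds & {"decode", "network"}  # assumed BLOCK policy
    return ("BLOCK" if block else "REVIEW" if kinds else None), sorted(findings)
```

The findings are (line, kind, detail) tuples that can be copied into the Findings list of the report; the reviewer still reads the whole script and may raise the verdict above the floor.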

Output Format

Intent Analysis: <script name or description>

Verdict: ✅ SAFE | ⚠️ REVIEW | 🚫 BLOCK

Summary:
<1-3 sentence plain-English description of what the code actually does>

Findings:
- <finding 1>
- <finding 2>
...

Recommendation:
<what to do next — run it, ask the user, refuse, etc.>

Key Principle

You cannot know all possible malicious techniques in advance. Do not rely solely on known-bad patterns. Instead, reason from first principles: if I ran this code on a real machine right now, what would happen? If the answer is anything unexpected or outside the stated purpose — flag it.

When in doubt, block and explain. A false positive is far less costly than a compromised machine.

Usage Guidance
This skill is coherent and lightweight: it only provides a human-readable analysis checklist and has no code to run or secrets to provide. However, it relies entirely on the agent's reasoning and may produce false negatives or false positives. Before relying on its verdict for high-risk scripts: (1) avoid allowing automatic execution of code based solely on this skill's output; (2) run untrusted code only in an isolated sandbox or VM; and (3) consider having a human reviewer inspect any code the skill marks SAFE when the code deals with sensitive systems or data.
Capability Analysis
Type: OpenClaw Skill
Name: haoyuwang99-safe-exec
Version: 1.0.0
The 'safe-exec' skill is a defensive utility designed to guide the AI agent in performing security reviews of untrusted scripts before execution. The instructions in SKILL.md provide a structured framework for intent analysis, specifically flagging high-risk behaviors like data exfiltration, obfuscation, and unauthorized network access. There are no malicious commands, suspicious dependencies, or prompt injection attempts within the provided files.
Capability Assessment
Purpose & Capability
Name, description, and runtime instructions all align: the skill is purely an analysis checklist and does not request unrelated credentials, tools, or access.
Instruction Scope
SKILL.md instructs the agent to read and reason about scripts, look for network, file, and execution patterns, and produce a verdict. It does not instruct the agent to execute code, fetch external resources, or read host secrets. The guidance is appropriately scoped to analysis.
Install Mechanism
No install spec or code files are present; nothing is written to disk or downloaded. This is the lowest-risk model (instruction-only).
Credentials
No environment variables, credentials, or config paths are requested. The checks listed in the instructions (e.g., 'look for references to env vars') are analysis-focused and do not require the skill to access host secrets.
Persistence & Privilege
always is false and the skill is user-invocable. Autonomous invocation is allowed (platform default) but the skill does not request elevated or persistent privileges or modify other skills.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install haoyuwang99-safe-exec
  3. After installation, invoke the skill by name or use /haoyuwang99-safe-exec
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: LLM-based intent analysis for untrusted scripts before execution
Metadata
Slug haoyuwang99-safe-exec
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Safe Exec?

Analyze the intent of any script or code before executing it, to detect malicious, suspicious, or unintended behavior. Use this skill before running any scri... It is an AI Agent Skill for Claude Code / OpenClaw, with 178 downloads so far.

How do I install Safe Exec?

Run "/install haoyuwang99-safe-exec" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Safe Exec free?

Yes, Safe Exec is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Safe Exec support?

Safe Exec is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Safe Exec?

It is built and maintained by 王昊宇 (@haoyuwang99); the current version is v1.0.0.
