← Back to Skills Marketplace
0xrapi

isnad-scan

by Rapi · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
518
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install isnad-scan
Description
Scan AI agent skills for security vulnerabilities — detects code injection, prompt injection, credential exfiltration, supply chain attacks, and 69+ threat p...
README (SKILL.md)

isnad-scan — Security Scanner for AI Agent Skills

Scan any skill, package, or directory for security threats before installing or running it.

Quick Scan

isnad-scan \x3Cpath>

Scans a directory and reports findings by severity (CRITICAL, HIGH, MEDIUM, LOW).

Options

isnad-scan \x3Cpath> --cve          # Also check dependencies for known CVEs (via OSV.dev)
isnad-scan \x3Cpath> -v             # Verbose output (show matched lines)
isnad-scan \x3Cpath> --json         # Machine-readable JSON output
isnad-scan \x3Cpath> --cve -v       # Full audit: CVEs + verbose findings

What It Detects (69+ patterns)

Code Injection — shell execution, eval, exec, subprocess, os.system, dynamic imports Prompt Injection — role override attempts, instruction hijacking, jailbreak patterns Credential Exfiltration — env var harvesting, keychain access, token theft, file reads of sensitive paths Network Threats — reverse shells, DNS exfiltration, unauthorized outbound connections, webhook data leaks Filesystem Attacks — path traversal, symlink attacks, /etc/passwd reads, SSH key access Supply Chain — typosquatting detection, minified JS analysis, binary file scanning, hidden files Crypto Risks — weak algorithms, hardcoded keys, wallet seed extraction

When to Use

  1. Before installing a new skill — scan the skill directory first
  2. Auditing existing skills — periodic security review
  3. Reviewing PRs/contributions — catch malicious code in submissions
  4. Pre-publish validation — ensure your own skills are clean before sharing
  5. CI/CD integrationisnad-scan . --json for automated checks

Interpreting Results

🔴 CRITICAL  — Immediate threat. Do not install/run.
🟠 HIGH      — Likely malicious or dangerous. Review carefully.
🟡 MEDIUM    — Suspicious pattern. May be legitimate, verify intent.
🔵 LOW       — Informational. Common in legitimate code but worth noting.

Examples

Scan a ClawHub skill before installing:

isnad-scan ./skills/some-new-skill/

Full audit with CVE checking:

isnad-scan ./skills/some-new-skill/ --cve -v

JSON output for automation:

isnad-scan . --json | python3 -c "import sys,json; d=json.load(sys.stdin); print(f'{d[\"summary\"][\"critical\"]} critical, {d[\"summary\"][\"high\"]} high')"

Python API

from isnad_scan import scan_directory

results = scan_directory("/path/to/skill")
for finding in results.findings:
    print(f"[{finding.severity}] {finding.category}: {finding.description}")
    print(f"  File: {finding.file}:{finding.line}")

About ISNAD

ISNAD (إسناد) means "chain of transmission" — a method for verifying the authenticity of transmitted knowledge. isnad-scan is the security layer of the ISNAD Protocol, bringing trust verification to the AI agent skill ecosystem.

PyPI: pip install isnad-scan GitHub: counterspec/isnad Protocol: isnad.md

Usage Guidance
This skill appears to be a thin integration for the isnad-scan tool and is coherent with its description. Before installing: (1) verify the pip package and GitHub repo (pip install isnad-scan / https://github.com/counterspec/isnad) to ensure you trust the upstream maintainer; (2) if you care about privacy, run scans on copies of sensitive data and be aware that --cve will perform network queries to OSV.dev; (3) inspect the isnad-scan package source (or GitHub) before pipx installing, since the Python import example means code will run inside your agent process; (4) confirm whether the tool performs any dynamic execution of scanned code or telemetry/remote uploads (not documented in SKILL.md). These checks will reduce risk before you give the agent permission to run the scanner.
Capability Analysis
Type: OpenClaw Skill Name: isnad-scan Version: 1.0.0 This skill bundle is a wrapper for 'isnad-scan', a security scanner designed to detect vulnerabilities and malicious patterns in AI agent skills. The `SKILL.md` provides instructions for installing and using this scanner. There is no evidence of malicious intent, data exfiltration, unauthorized execution, or prompt injection against the agent for harmful purposes. The instructions are clear, directly related to the stated purpose of a security scanner, and do not attempt to subvert the agent or compromise the system.
Capability Assessment
Purpose & Capability
Name/description (a scanner) matches the declared requirement: the isnad-scan binary. No unrelated env vars, config paths, or surprising binaries are requested.
Instruction Scope
SKILL.md only instructs running the scanner on a path and shows flags and a Python API. This stays within the stated purpose. Caveats: using --cve implies network queries to OSV.dev (expected for CVE checks) and the Python import example means the package code will be imported into the agent process — SKILL.md does not state whether the scanner performs any dynamic execution of scanned code or telemetry/remote submission of findings.
Install Mechanism
SKILL.md includes a pipx install entry for isnad-scan (PyPI), which is a standard mechanism. The registry metadata noted 'No install spec', creating a minor inconsistency between declared registry install specs and the SKILL.md. Installing from PyPI via pipx is moderate risk but expected for a Python tool; there are no ad-hoc downloads or unknown URLs.
Credentials
No environment variables or credentials are requested, which is proportionate to a scanner. The only external access implied is CVE lookups (public OSV.dev) and possibly GitHub/PyPI lookups referenced in the README links.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent elevated presence or attempt to modify other skills. Autonomous invocation is allowed (platform default) but not by itself a concern here.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install isnad-scan
  3. After installation, invoke the skill by name or use /isnad-scan
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Security scanner for AI agent skills — 69+ detection patterns. Detects code injection, prompt injection, credential exfiltration, supply chain attacks, and more.
Metadata
Slug isnad-scan
Version 1.0.0
License
All-time Installs 2
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is isnad-scan?

Scan AI agent skills for security vulnerabilities — detects code injection, prompt injection, credential exfiltration, supply chain attacks, and 69+ threat p... It is an AI Agent Skill for Claude Code / OpenClaw, with 518 downloads so far.

How do I install isnad-scan?

Run "/install isnad-scan" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is isnad-scan free?

Yes, isnad-scan is completely free (open-source). You can download, install and use it at no cost.

Which platforms does isnad-scan support?

isnad-scan is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created isnad-scan?

It is built and maintained by Rapi (@0xrapi); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 Comments