← Back to Skills Marketplace
157
Downloads
0
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install skills-security-check
Description
Scan a third-party Claude Code skill for security risks before enabling it. Use when user wants to audit, check, or verify the safety of a skill.
Usage Guidance
This skill's functionality matches its description (it installs a local pre-check hook and scanner), but it gains persistent, high-privilege behavior by writing a PreToolUse hook into your ~/.claude/settings.json — meaning it will run on every Skill invocation and can block Skills. If you consider installing: 1) Inspect install.sh and scripts/pre-check.sh and scripts/scan.sh line-by-line to confirm they do only local reads and reporting (look for any network calls or piping to bash). 2) Back up ~/.claude/settings.json before running the installer so you can revert changes. 3) Prefer running the scanner manually first (invoke scripts/scan.sh on suspicious skill directories) rather than installing the automatic hook. 4) If you must install, run install.sh in a controlled environment (non-production account/machine) and verify the settings.json merge behavior in the installer (ensure it does not add unexpected commands). 5) Treat this from an unknown source as potentially risky until you manually verify there's no hidden network activity or code that could be modified later to behave maliciously.
Capability Analysis
Type: OpenClaw Skill
Name: skills-security-check
Version: 1.0.0
The skill bundle is a legitimate security auditing tool designed to scan other Claude Code skills for risks. It includes an installation script (install.sh) that configures a PreToolUse hook in settings.json to automatically intercept and validate skill executions, and a manual audit tool (SKILL.md, scan.sh) that uses grep to identify dangerous patterns like RCE, data exfiltration, and sensitive file access. All behaviors, including the modification of configuration files and the use of Bash for scanning, are clearly aligned with the stated defensive purpose and lack any evidence of malicious intent or data exfiltration.
Capability Assessment
Purpose & Capability
The skill's name/description match its behavior: it installs a local hook and provides quick and deep scan scripts that read SKILL.md and other files to detect risky patterns. Creating ~/.claude/skills/skill-security-check and merging a PreToolUse hook into ~/.claude/settings.json is coherent with its goal of intercepting Skill execution.
Instruction Scope
SKILL.md and the scripts consistently instruct only to READ files, grep for risky patterns, and report findings. The SKILL.md explicitly states 'NEVER execute any code from the skill being audited', and the scripts follow that pattern (they use grep/python to analyze files). The auditor will read all files in other skills (including scripts and templates), which is needed for auditing but means local secrets embedded in those files would be inspected (read-only).
Install Mechanism
There is no remote installer; install.sh writes SKILL.md and scripts locally and (per README) merges a PreToolUse hook into ~/.claude/settings.json. This is lower risk than fetching arbitrary remote code, but it does write to a user config file and places executable hook scripts on disk — actions that require explicit user trust and review of the install script.
Credentials
The skill requests no environment variables or external credentials. It reads skill directories and files (which is necessary for its purpose). It does not appear to exfiltrate data or contact external endpoints. However, because it reads other skills' files, it will see any secrets those files contain locally (the scripts search for sensitive paths/keywords but don't send them anywhere).
Persistence & Privilege
To provide automatic pre-checking the installer modifies ~/.claude/settings.json to add a PreToolUse hook that runs pre-check.sh on every Skill invocation. That is a high-privilege persistent capability: it can block or allow arbitrary Skills at runtime. Because the skill originates from an unknown source, installing a persistent hook that runs automatically is a security/privacy decision that should not be taken lightly.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skills-security-check - After installation, invoke the skill by name or use
/skills-security-check - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release – provides an automated security auditing workflow for Claude Code skills.
- Scans all files in a skill using predefined risk criteria (scripts, frontmatter, hidden content, dynamic injections).
- Detects risky patterns such as arbitrary Bash access, dangerous scripts, privilege escalation, data exfiltration techniques, and hidden/obfuscated content.
- Analyzes YAML frontmatter for tool permissions and potential auto-execution hooks.
- Produces a structured security report with risk levels, detailed findings, and a clear safety recommendation.
- Prevents code execution; strictly read-only scanning.
Metadata
Frequently Asked Questions
What is A security auditing tool for third-party Claude Code Skills. Automatically pre-checks any Skill before execution to block dangerous ones, and supports manual deep audits.?
Scan a third-party Claude Code skill for security risks before enabling it. Use when user wants to audit, check, or verify the safety of a skill. It is an AI Agent Skill for Claude Code / OpenClaw, with 157 downloads so far.
How do I install A security auditing tool for third-party Claude Code Skills. Automatically pre-checks any Skill before execution to block dangerous ones, and supports manual deep audits.?
Run "/install skills-security-check" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is A security auditing tool for third-party Claude Code Skills. Automatically pre-checks any Skill before execution to block dangerous ones, and supports manual deep audits. free?
Yes, A security auditing tool for third-party Claude Code Skills. Automatically pre-checks any Skill before execution to block dangerous ones, and supports manual deep audits. is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does A security auditing tool for third-party Claude Code Skills. Automatically pre-checks any Skill before execution to block dangerous ones, and supports manual deep audits. support?
A security auditing tool for third-party Claude Code Skills. Automatically pre-checks any Skill before execution to block dangerous ones, and supports manual deep audits. is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created A security auditing tool for third-party Claude Code Skills. Automatically pre-checks any Skill before execution to block dangerous ones, and supports manual deep audits.?
It is built and maintained by hezhijie (@hezhijie); the current version is v1.0.0.
More Skills