← Back to Skills Marketplace
902
Downloads
2
Stars
6
Active Installs
2
Versions
Install in OpenClaw
/install skill-security-scanner
Description
Scan OpenClaw skills for security risks, suspicious permissions, and provide a trust score to help evaluate skill safety before use or installation.
Usage Guidance
This skill is a useful, low-risk helper but be cautious: the automated script only inspects SKILL.md and metadata (it greps for network calls, env names, and markdown headings). It will miss malicious code in other files, hidden downloads, compiled binaries, or obfuscated scripts. Treat its trust score as a quick heuristic, not a definitive verdict. Before relying on it: (1) manually review code files (scripts, binaries, build/install steps), (2) run more comprehensive static-analysis tools across the whole skill directory, (3) sandbox test unknown skills (limited privileges/VM/container), and (4) avoid automatically sharing scan results to other services unless you trust those integrations. If the author/packaging is unfamiliar, prefer manual code review in addition to this scanner.
Capability Analysis
Type: OpenClaw Skill
Name: skill-security-scanner
Version: 1.0.1
The skill is designed to be a security scanner, which is a benign purpose. However, the `scripts/scan-skill.sh` script contains a critical shell injection vulnerability. The `BINS` variable, which is populated from the content of the *scanned skill's* `SKILL.md` file, is echoed without quotes (`echo " • bins: $BINS"`). This allows a malicious `SKILL.md` to inject arbitrary shell commands into the scanner script, leading to potential Remote Code Execution (RCE) on the system running the scanner. This is a vulnerability, not intentional malice by the scanner itself, hence classified as suspicious.
Capability Assessment
Purpose & Capability
The name and description match the contained files: a scanner that inspects skills. However the shipped scanner is very lightweight and only greps SKILL.md and metadata; it does not actually scan code files, binaries, or perform dynamic analysis despite implying a full-skill audit and trust scoring. Asking no credentials and no special binaries is coherent for this purpose.
Instruction Scope
SKILL.md describes scanning strategies (network calls, credential reads, obfuscation) and example patterns, but the runnable script (scripts/scan-skill.sh) only searches the skill's SKILL.md for a handful of regexes and metadata lines. The documentation suggests examining full source and integrating with memory/other skills, but the automated checks do not analyze code files, dependencies, or runtime behavior — creating a risk of false negatives (malicious behavior hidden in other files) and false confidence.
Install Mechanism
No install spec and no external downloads; the repository is instruction-only with a small local shell script. This is low risk from an install perspective because nothing will be written or executed automatically on install. Running the included script executes only local greps and echoes.
Credentials
The skill requests no environment variables or credentials and does not attempt to read system files in the provided script. SKILL.md warns about sensitive files (e.g., ~/.aws/credentials) but only as examples of red flags. A small note: the docs recommend storing trust scores in 'memory' or reporting findings to other skills — that implies potential storage/sharing of scan results, but this is a user-level integration choice, not an automatic credential request.
Persistence & Privilege
always:false and normal model invocation settings are used. The SKILL.md suggests integrating with agent memory and other skills which could persist or share findings; that's not inherently malicious but users should be aware that trust scores and scan results might be stored or broadcast if they enable such integrations.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skill-security-scanner - After installation, invoke the skill by name or use
/skill-security-scanner - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Removed always-on flag (`always: true`) from skill metadata, making the scanner no longer run by default in all cases.
- Updated documentation to clarify and simplify examples of high-risk patterns, replacing real domains and paths with generic examples.
- No changes to core functionality; update is documentation and configuration only.
v1.0.0
Initial release of "skill-security-scanner":
- Scan OpenClaw skills for security issues, suspicious permissions, and provide trust scores.
- Detects risky patterns in skill metadata and documentation.
- Scores skills from 0–100 and suggests risk levels with action recommendations.
- Commands: scan individual skills, audit all, list permissions, and get trust scores.
- Outputs detailed reports with issues, positives, and safety recommendations.
Metadata
Frequently Asked Questions
What is Skill Security Scanner?
Scan OpenClaw skills for security risks, suspicious permissions, and provide a trust score to help evaluate skill safety before use or installation. It is an AI Agent Skill for Claude Code / OpenClaw, with 902 downloads so far.
How do I install Skill Security Scanner?
Run "/install skill-security-scanner" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skill Security Scanner free?
Yes, Skill Security Scanner is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Skill Security Scanner support?
Skill Security Scanner is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Skill Security Scanner?
It is built and maintained by DevSef (@steffano198); the current version is v1.0.1.
More Skills