SecurityClaw

by mallen-lbx · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
2024 Downloads · 3 Stars · 7 Active Installs · 1 Versions
Install in OpenClaw
/install securityclaw
Description
Security-first skill auditing and quarantine for OpenClaw skills. Use when installing new skills, reviewing skills from unknown sources, scanning skills for prompt injection/exfiltration/supply-chain risks, or when a bot suspects a skill is malicious. Guides static + optional sandbox checks, quarantines suspicious skills, and produces an owner-action checklist (Delete / Report / Allow / Scan all).
Usage Guidance
This skill is internally coherent for scanning and quarantining other skills. Before running:
  1. Review the bundled Python script and confirm it will be run against the correct skills directory.
  2. Run it read-only first (no --quarantine) and examine report.json.
  3. If you use --quarantine, run it as a normal user (not root) so it can only move files the user can already modify.
  4. If you plan to perform dynamic sandboxing, follow the sandboxing.md guidance (run in an isolated VM/container with no network and no access to OpenClaw secrets).
  5. Remember that SKILL.md contains examples of attack markers (e.g., 'ignore previous instructions'), which the scanner will flag; that is expected.
If you need higher assurance, run the scanner on a copy of your skills folder or in a disposable environment first.
Capability Analysis
Type: OpenClaw Skill
Name: securityclaw
Version: 1.0.0
This skill is a security scanner designed to audit other OpenClaw skills for malicious patterns, including prompt injection, data exfiltration, and shell execution. The `SKILL.md` provides instructions for running the scanner, not for the agent to perform malicious actions. The `scripts/securityclaw_scan.py` script performs static analysis and can quarantine suspicious skill directories, which are legitimate actions for a security tool. It does not contain any self-malicious code, attempt to exfiltrate data, or perform unauthorized actions. Its file system access and analysis capabilities are directly aligned with its stated purpose as a security scanner.
Capability Assessment
Purpose & Capability
Name/description match what is present: an instruction doc plus a Python scanner that looks for risky patterns and can move (quarantine) skill folders. The skill does not declare unrelated env vars or external services.
Instruction Scope
SKILL.md instructs running the bundled scanner in read-only mode by default and only quarantining when explicitly requested; dynamic (sandbox) checks are described as optional and limited. The README includes example commands and a clear quarantine workflow. The SKILL.md does include an example prompt-injection phrase (used as a detection example) — this is expected for a scanner and not evidence of malicious intent.
Install Mechanism
No install spec and no external downloads. The scanner is instruction-only with a single included Python script; this is the lowest-risk installation model for this functionality.
Credentials
No environment variables, no credentials, and no config paths are requested. The scanner only needs filesystem access to the skills directory and an optional quarantine directory, which matches its purpose.
Persistence & Privilege
always:false and default model-invocation behavior are appropriate. The scanner can move directories when run with --quarantine, so it requires filesystem write permission to the provided skills path; this is expected but the user should ensure the script is invoked with the intended target path and not run as an overly privileged account.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install securityclaw
  3. After installation, invoke the skill by name or use /securityclaw
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
SecurityClaw is a security-first skill + toolkit for OpenClaw that audits installed skills for: malicious behavior / exploit patterns; prompt injection payloads embedded in docs; secret exfiltration and unsafe tool usage; risky install scripts / supply-chain issues.
When a suspicious or infected skill is detected, SecurityClaw’s workflow is:
  1. Quarantine the skill (move it out of the active skills directory)
  2. Generate a forensic report (what matched, where, why it’s risky)
  3. Notify the owner and await explicit instruction: Delete (remove quarantined files); Report (open an issue / publish IOCs); Allow (add to allowlist and restore); Scan all (deep scan all skills)
Metadata
Slug securityclaw
Version 1.0.0
License
All-time Installs 7
Active Installs 7
Total Versions 1
Frequently Asked Questions

What is SecurityClaw?

Security-first skill auditing and quarantine for OpenClaw skills. Use when installing new skills, reviewing skills from unknown sources, scanning skills for prompt injection/exfiltration/supply-chain risks, or when a bot suspects a skill is malicious. Guides static + optional sandbox checks, quarantines suspicious skills, and produces an owner-action checklist (Delete / Report / Allow / Scan all). It is an AI Agent Skill for Claude Code / OpenClaw, with 2024 downloads so far.

How do I install SecurityClaw?

Run "/install securityclaw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is SecurityClaw free?

Yes, SecurityClaw is completely free (open-source). You can download, install and use it at no cost.

Which platforms does SecurityClaw support?

SecurityClaw is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created SecurityClaw?

It is built and maintained by mallen-lbx (@mallen-lbx); the current version is v1.0.0.
