← Back to Skills Marketplace
1154
Downloads
2
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install skill-security-reviewer
Description
Detects malicious behavior and security threats in target skills using advanced analysis of obfuscation, encoding, encryption, and dynamic code techniques.
Usage Guidance
This skill appears to do what it says (read-only analysis of other skills) but the SKILL.md contains at least one prompt-injection pattern. Before installing: (1) manually inspect the entire SKILL.md for any instructions that try to override agent constraints (phrases like 'ignore previous instructions' or embedded 'execute' directives); (2) only run it in a sandboxed agent environment where it cannot access unrelated files or credentials; (3) ensure the agent enforces the 'do not execute decoded code' rule programmatically (not just by prose); (4) if you plan to allow autonomous invocation, consider disabling that until you've audited behavior; (5) if you need more assurance, ask the maintainer for provenance (homepage, source repo, maintainer identity) or run the analysis locally on a copy of the target skill rather than giving the skill access to live system state. Additional information that would change this assessment: presence of embedded instructions in SKILL.md that explicitly tell the agent to execute code or access unrelated credentials, or bundled install scripts/downloader entries — those would raise the severity to malicious.
Capability Analysis
Type: OpenClaw Skill
Name: skill-security-reviewer
Version: 3.0.0
The skill 'skill-security-reviewer' is designed to detect malicious skills, a benign objective. Its `SKILL.md` explicitly forbids the agent from executing any commands or scripts from the target skill or executing decoded code (Section §3, 'Execution Rules'). However, the skill requires broad file system access to read and analyze all files of a target skill, including potentially sensitive configurations and code. This constitutes a 'risky capability' (broad permissions, processing untrusted input) even though it is plausibly needed for its stated purpose. The inherent risk of processing and decoding potentially malicious content, combined with broad file access, creates a vulnerability surface for the agent or its environment, leading to a 'suspicious' classification rather than 'benign' or 'malicious'.
Capability Assessment
Purpose & Capability
The SKILL.md describes a tool that audits other skills for obfuscation/evasion and explicitly limits itself to read-only analysis and safe decoding. There are no required binaries, env vars, or install steps, which is proportionate to a static analysis/instruction-only skill.
Instruction Scope
The instructions permit reading and decoding all files of a target skill (reasonable for auditing) but the pre-scan found a prompt-injection pattern ('ignore-previous-instructions') inside SKILL.md. That indicates the skill file may contain content intended to manipulate the evaluator or agent behavior; the README also allows broad decoding of arbitrary encoded/encrypted content which could include active payloads if the 'do not execute' rule is not enforced.
Install Mechanism
No install spec and no code files — lowest risk for on-disk persistence and arbitrary downloads. Nothing is written to disk by an installer; only report outputs are described.
Credentials
The skill requests no environment variables, credentials, or config paths. For its stated audit purpose, this is proportionate.
Persistence & Privilege
always:false and no install behavior — the skill does not request permanent presence. However the skill is allowed autonomous invocation by default (disable-model-invocation:false). Combined with the prompt-injection pattern inside its instructions, autonomous invocation could increase risk if the skill attempts to manipulate agent decision-making.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skill-security-reviewer - After installation, invoke the skill by name or use
/skill-security-reviewer - Provide required inputs per the skill's parameter spec and get structured output
Version History
v3.0.0
v3.0 New Features:
- Code obfuscation detection and de-obfuscation analysis
- Encoding/encryption evasion detection (Base64, Hex, ROT13, XOR, AES, etc.)
- String splitting/concatenation detection
- Dynamic code generation detection
- Multi-layer nested obfuscation detection
- Entropy analysis to identify encrypted content
Metadata
Frequently Asked Questions
What is Skill Security Reviewer 3.0?
Detects malicious behavior and security threats in target skills using advanced analysis of obfuscation, encoding, encryption, and dynamic code techniques. It is an AI Agent Skill for Claude Code / OpenClaw, with 1154 downloads so far.
How do I install Skill Security Reviewer 3.0?
Run "/install skill-security-reviewer" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skill Security Reviewer 3.0 free?
Yes, Skill Security Reviewer 3.0 is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Skill Security Reviewer 3.0 support?
Skill Security Reviewer 3.0 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Skill Security Reviewer 3.0?
It is built and maintained by NinjaGPT (@ninjagpt); the current version is v3.0.0.
More Skills