← Back to Skills Marketplace
1617
Downloads
2
Stars
5
Active Installs
2
Versions
Install in OpenClaw
/install skillguard-scanner
Description
Security scanner for OpenClaw/ClawHub skills. Detects malware, reverse shells, credential theft, prompt injection, memory poisoning, typosquatting, and suspicious prerequisites before installation. Use when installing new skills, auditing existing skills, checking a skill name for typosquatting, or scanning ClawHub skills for security risks.
Usage Guidance
This skill appears to do what it advertises, but treat any security tool as you would any code: (1) Inspect scripts/scanner.py yourself before running (it's included in the bundle). (2) Run it in a restricted environment or with least privilege (do not run as root/administrator). (3) Be aware --fetch-clawhub will use network access and an external 'clawhub' CLI; verify that CLI before using. (4) Review flagged results manually — scanners have false positives and may flag benign tooling. (5) If you plan to automate or allow autonomous invocation, consider the same sandboxing and review controls to limit blast radius.
Capability Analysis
Type: OpenClaw Skill
Name: skillguard-scanner
Version: 1.1.0
The OpenClaw SkillGuard scanner is a security tool designed to detect malicious patterns, such as reverse shells, obfuscation, credential theft, and data exfiltration, in other OpenClaw skills. Analysis of `scripts/scanner.py` confirms that it identifies these patterns using regex but does not execute them itself. The only external command executed is `clawhub search`, which is benign and safely invoked. The `SKILL.md` and `references/threat-landscape.md` files describe the scanner's purpose and provide examples of threats it detects, without containing any malicious prompt injections or executable code for the agent. All observed behaviors are consistent with a legitimate security scanning utility.
Capability Assessment
Purpose & Capability
The name/description match the included files: SKILL.md documents running scripts/scanner.py to scan skills or check names; the included scanner.py contains heuristics for reverse shells, obfuscation, credential access, typosquatting, etc. No unrelated environment variables, binaries, or install steps are required.
Instruction Scope
Instructions tell the agent/user to run the bundled Python scanner and optionally use --fetch-clawhub (which requires the external 'clawhub' CLI). The scanner will read skill files to look for suspicious patterns (expected). Note: --fetch-clawhub will require network access and the external CLI; review any network-facing operations and where reports are written ({baseDir}/../data/scan_results.json).
Install Mechanism
No install spec — code is shipped in the skill bundle. This is the lowest-risk distribution method (nothing is downloaded or executed automatically during install). The scanner is run explicitly by the user/agent.
Credentials
The skill declares no required environment variables or credentials. The scanner's detection patterns reference common secret names (e.g., OPENAI_API_KEY) only to find them in scanned files; that is appropriate for a scanner and does not imply the skill needs those secrets itself.
Persistence & Privilege
The skill is not always-included and is user-invocable. It does not request persistent agent privileges or modify other skills' configs. It writes a JSON report to a relative data path, which is reasonable for a scanner.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skillguard-scanner - After installation, invoke the skill by name or use
/skillguard-scanner - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Added security policy engine: human-readable WHY/ACTION blurbs per finding, real-world incident references, enriched JSON output
v1.0.0
Initial release: static analysis, reverse shell/obfuscation/exfiltration detection, memory poisoning, typosquatting, prerequisites attack vector, false positive scoring
Metadata
Frequently Asked Questions
What is SkillGuard Scanner?
Security scanner for OpenClaw/ClawHub skills. Detects malware, reverse shells, credential theft, prompt injection, memory poisoning, typosquatting, and suspicious prerequisites before installation. Use when installing new skills, auditing existing skills, checking a skill name for typosquatting, or scanning ClawHub skills for security risks. It is an AI Agent Skill for Claude Code / OpenClaw, with 1617 downloads so far.
How do I install SkillGuard Scanner?
Run "/install skillguard-scanner" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is SkillGuard Scanner free?
Yes, SkillGuard Scanner is completely free (open-source). You can download, install and use it at no cost.
Which platforms does SkillGuard Scanner support?
SkillGuard Scanner is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created SkillGuard Scanner?
It is built and maintained by msgnoki (@msgnoki); the current version is v1.1.0.
More Skills