← Back to Skills Marketplace
620
Downloads
2
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install crabukit
Description
Security scanner for OpenClaw skills with Clawdex integration. Analyzes SKILL.md and scripts for dangerous permissions, hardcoded secrets, shell injection vu...
README (SKILL.md)
🔒 Crabukit
Security scanner for OpenClaw skills. Prevents installation of malicious or vulnerable skills by static analysis. Integrates with Clawdex for comprehensive protection.
Quick Start
# Safely install a skill (scans before installing)
crabukit install youtube-summarize
# Scan a local skill before installing
crabukit scan ./suspicious-skill/
# Scan an installed skill
crabukit scan /opt/homebrew/lib/node_modules/clawdbot/skills/unknown-skill
# CI mode - fail on high severity or above
crabukit scan ./my-skill --fail-on=high
# List all detection rules
crabukit list-rules
🔌 Clawdex Integration
Crabukit automatically integrates with Clawdex if installed:
# Install Clawdex for database-based protection
clawdhub install clawdex
# Now crabukit will:
# 1. Check Clawdex database (known 824+ malicious skills)
# 2. Run behavior analysis (zero-day detection)
# → Defense in depth!
Layered Protection:
- Clawdex: Database of known-bad skills (fast lookup)
- Crabukit: Behavior analysis for zero-days (static analysis)
What It Detects
| Category | Issues |
|---|---|
| External DB | Known malicious skills (via Clawdex) |
| Secrets | Hardcoded API keys, private keys, passwords |
| Code Injection | eval(), exec(), subprocess(shell=True) |
| Shell Risks | curl | bash, rm -rf, unquoted variables |
| Permissions | Dangerous tool requests without safety guidance |
| Metadata | Suspicious patterns in SKILL.md descriptions |
Risk Scoring
Crabukit assigns a score (0-100) based on findings:
| Score | Level | Action |
|---|---|---|
| 0 | Clean | Safe to install |
| 1-9 | Low | Minor issues |
| 10-24 | Medium | Review findings |
| 25-49 | High | Careful review required |
| 50+ | Critical | Do not install |
Exit Codes
0- Scan completed, no findings at or above--fail-onthreshold1- Findings at or above threshold detected
CI/CD Integration
# .github/workflows/security.yml
- name: Scan skill
run: |
pip install crabukit
crabukit scan ./my-skill --fail-on=medium
Installation
# Via ClawdHub (when published)
clawdhub install crabukit
# Or via pip
pip install crabukit
# Or from source
git clone https://github.com/tnbradley/crabukit.git
cd crabukit
pip install -e .
Usage Guidance
Crabukit appears to be what it claims: a static security scanner with rule sets and tests. Before installing or running it with elevated privileges: 1) Inspect scripts/claw-safe-install.sh and do not blindly copy/source it into your shell — run it in a sandbox first or read it line-by-line. 2) Review external_scanners.py (Clawdex integration) to confirm which remote endpoints are contacted and whether any credentials are needed. 3) Prefer installing from the published package index (or a verified GitHub release) rather than unverified sources; verify the project URL and maintainer. 4) Run the package in an isolated environment (virtualenv/container) and run the test-suite included to verify behavior. 5) Because this is a security tool that looks for dangerous patterns, antivirus false positives are possible — treat those explanations cautiously and audit the code yourself if you rely on it for security-critical workflows.
Capability Analysis
Type: OpenClaw Skill
Name: crabukit
Version: 0.1.3
The OpenClaw skill 'crabukit' is a security scanner designed to detect malicious patterns, vulnerabilities, and prompt injection attempts in *other* OpenClaw skills. While its codebase contains numerous patterns for highly malicious activities (e.g., RCE, data exfiltration, backdoors, `curl|bash`, `eval`/`exec`, prompt injection phrases), these are consistently implemented as *detection rules* within its analyzers and pattern definitions (`crabukit/rules/patterns.py`, `crabukit/analyzers/*.py`), or as *test fixtures* (`tests/fixtures/malicious-skill/`) to validate its detection capabilities. The `SECURITY.md` explicitly addresses potential false positives from antivirus software due to its defensive nature. The only external network call identified (`crabukit/external_scanners.py`) is a legitimate query to the Clawdex threat intelligence API (`https://clawdex.koi.security`) to check the reputation of the *skill being scanned*, not to exfiltrate user data. The `scripts/claw-safe-install.sh` wrapper also implements a defensive 'scan-before-install' mechanism. There is no evidence of intentional harmful behavior by the 'crabukit' skill itself; its purpose is to enhance security.
Capability Assessment
Purpose & Capability
The skill's name/description (security scanner) matches the code and tests: analyzers for bash/python, permission checks, rules/patterns, CLI, and CI integration. It does not request unrelated credentials or system-wide binaries. One minor mismatch: registry metadata said 'no install spec / instruction-only' while SKILL.md includes package install metadata (pip). This likely reflects packaging metadata being present in SKILL.md but is not a functional risk.
Instruction Scope
SKILL.md contains clear runtime instructions for scanning, installing via pip, and optional integration with Clawdex. It also suggests copying a 'claw-safe-install.sh' wrapper into the user's home and adding it to shell config — that is a persistent change the user must opt into. The SKILL.md also lists prompt-injection trigger phrases (e.g., 'ignore-previous-instructions') as detection targets; the presence of those strings is expected for a scanner but was flagged by the pre-scan detector.
Install Mechanism
Installation is via pip / standard Python packaging and links to a GitHub repo in docs/examples. There is no binary download from an untrusted host or extract-from-arbitrary-URL behavior. CI uses pip install -e . which is standard for Python projects.
Credentials
The package declares no required environment variables, no primary credential, and no config paths. Optional integration with Clawdex is documented; that integration appears to be optional and should be explained to users before providing any Clawdex credentials. No broad unrelated credentials are requested.
Persistence & Privilege
The skill does not request permanent agent inclusion (always:false) and does not modify other skills. However, documentation recommends copying a shell wrapper into the user's home and sourcing it in shell config, which is a user-driven persistent change. Users should inspect that script before adding it to their shell startup.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install crabukit - After installation, invoke the skill by name or use
/crabukit - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.3
- Internal maintenance updates for broader standards compliance.
- Added SECURITY.md with security policy disclosure.
- Updated package metadata in pyproject.toml.
- No changes to functionality or user-facing features.
v0.1.2
- Updated SKILL.md metadata for improved compatibility with Clawdbot, including expanded file listing and revised metadata key from "openclaw" to "clawdbot".
- No functional changes to the scanning engine or CLI behavior.
- Documentation updates only; package functionality remains unchanged.
v0.1.1
crabukit v0.1.1 changelog
- Added initial test suite (`tests/` directory) to support test-driven development.
- Updated installation metadata: pip install now references source (`package: .`) instead of PyPI, improving support for local installs.
- Updated documentation files for clarity and current usage (README.md, CONTRIBUTING.md, SECURITY.md).
- Improved shell installation script (`scripts/claw-safe-install.sh`).
- Various bugfixes and internal improvements in source files.
v0.1.0
- Initial release of crabukit: a security scanner for OpenClaw skills.
- Analyzes SKILL.md and scripts for secrets, dangerous permissions, shell injection, and malicious code.
- Integrates automatically with Clawdex to detect known-malicious skills.
- Assigns a risk score and supports CI/CD workflows.
- Supports scanning skills during install, development, or auditing installed skills.
Metadata
Frequently Asked Questions
What is Crabukit?
Security scanner for OpenClaw skills with Clawdex integration. Analyzes SKILL.md and scripts for dangerous permissions, hardcoded secrets, shell injection vu... It is an AI Agent Skill for Claude Code / OpenClaw, with 620 downloads so far.
How do I install Crabukit?
Run "/install crabukit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Crabukit free?
Yes, Crabukit is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Crabukit support?
Crabukit is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Crabukit?
It is built and maintained by tnbradley (@tnbradley); the current version is v0.1.3.
More Skills