← Back to Skills Marketplace
yx2601816404-sys

Skill

by yx2601816404-sys · GitHub ↗ · v0.6.1
cross-platform ✓ Security Clean
720
Downloads
0
Stars
1
Active Installs
8
Versions
Install in OpenClaw
/install skill-shield
Description
Security audit tool for ClawHub skills. Scans a skill directory with 65 detection patterns, anti-obfuscation analysis, and dual rating system (Security + Com...
Usage Guidance
This tool appears to do what it says: it reads a skill directory and flags dangerous patterns. Before using it, keep in mind: (1) it will read every file you point it at — don't scan directories that contain private keys or secrets you don't want loaded by a third-party script; run the scanner in an isolated/sandboxed environment if you are unsure. (2) The scanner intentionally suppresses or reduces severity for patterns inside strings, docs, and pattern-definition blocks (to avoid false positives). That behavior is reasonable for a scanner, but it can be abused by a malicious author who formats dangerous code to look like a pattern definition or comment — treat its 'A'/'B' grade as a starting point and manually inspect any high-sensitivity items the scanner flags, especially undeclared permissions (gateway, write, nodes, edit, etc.). (3) Reports embedded in the package appear to be snapshots (older version numbers in reports); prefer running the bundled scanner yourself rather than relying on packaged reports. Overall: the package is coherent with its purpose, but do manual review and run it in a safe environment when scanning untrusted skill directories.
Capability Analysis
Type: OpenClaw Skill Name: skill-shield Version: 0.6.1 The OpenClaw AgentSkills skill-shield is a security audit tool designed to scan other skills for dangerous patterns. Its `scan.py` code implements robust detection logic, including anti-obfuscation analysis and extensive context-aware false positive reduction mechanisms (e.g., ignoring its own pattern definitions, reducing severity for code in comments/documentation). The `SKILL.md` clearly describes its legitimate security purpose and usage, without any hidden prompt injection commands. While the provided `reports/report.json` and `reports/report.md` show an older version of the scanner (v0.2.0) flagging itself with a 'D' rating due to an undeclared permissions and a false positive `base64_decode` finding, this reflects the scanner's transparency and the developers' subsequent improvements (v0.6.1) to reduce such false positives, rather than malicious intent. The skill's functionality is entirely aligned with its stated purpose of security auditing, with no evidence of data exfiltration, unauthorized execution, or persistence.
Capability Assessment
Purpose & Capability
The name/description (skill-shield, security auditor) matches the code and SKILL.md: it ships a Python scanner (scripts/scan.py) and test harness. There are no unrelated environment variables, binaries, or install steps requested. The scanner's permission-audit feature explains why it will compare declared SKILL.md permissions to tools discovered in code.
Instruction Scope
The runtime instructions tell the agent to run python3 scripts/scan.py on a skill directory — that naturally requires reading all files under the supplied directory (including .env, scripts, docs, etc.). This is expected for a scanner, but you should be aware it will read any sensitive files placed in the scanned directory. The SKILL.md and scanner also intentionally decode base64/hex to detect obfuscation (explains the base64 decode finding).
Install Mechanism
No install spec or third-party downloads are present; the tool is instruction-only and provides Python scripts. This is the lowest-risk install mechanism. It assumes a Python3 runtime available on PATH.
Credentials
The skill declares no required environment variables or credentials. The scanner does look for credential-like strings (e.g., .ssh, .aws) inside scanned content but does not itself request secrets. This is proportionate to an auditing tool.
Persistence & Privilege
The skill does not request permanent inclusion (always: false). It does not modify other skills or system-wide settings. Model invocation is allowed (default), which is normal for skills; there are no additional elevated privileges requested.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install skill-shield
  3. After installation, invoke the skill by name or use /skill-shield
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.6.1
v0.6.1: Performance fix — skip venv/node_modules/dist/.git directories in file discovery. 164 skills batch-scanned in ~8 seconds (was timing out before).
v0.6.0
v0.6.0: Batch scan mode (--batch). Scan entire skill directories at once with summary table output. --json-summary for machine-readable output. Tested on 155 skills.
v0.5.0
SARIF 2.1.0 output
v0.4.1
v0.4.1: Fix false negative where subprocess.run(['sudo',...]) was incorrectly demoted by string literal detection. Added test suite (16 tests, 100% pass). Execution call exclusion now uses regex patterns instead of substring matching.
v0.4.0
v0.4.0: String literal context detection — security tools no longer falsely flagged. 5/9 F-rated security tools reclassified (3→A, 1→C, 2→D). Added: noscan marker, ignore-next-line comment, JS regex literal detection, raw string continuation handling. Zero regressions.
v0.3.1
v0.3.1: Fix SKILL.md markdown false positives (table cells, YAML values, inline code paths). planning-with-files F->A.
v0.3.0
v0.3.0: Dual rating (Security + Compliance), 6 false positive fixes, doc-only skill detection, rating reasons
v0.2.0
v0.2.0: 60+ detection patterns (up from 32), anti-obfuscation layer, CWE references, reduced false positives on documentation strings. Audited 64 ClawHub security skills — 58% rated D/F.
Metadata
Slug skill-shield
Version 0.6.1
License
All-time Installs 1
Active Installs 1
Total Versions 8
Frequently Asked Questions

What is Skill?

Security audit tool for ClawHub skills. Scans a skill directory with 65 detection patterns, anti-obfuscation analysis, and dual rating system (Security + Com... It is an AI Agent Skill for Claude Code / OpenClaw, with 720 downloads so far.

How do I install Skill?

Run "/install skill-shield" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Skill free?

Yes, Skill is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Skill support?

Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Skill?

It is built and maintained by yx2601816404-sys (@yx2601816404-sys); the current version is v0.6.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments