emeraldring3134-netizen

Claw Secure Auditor

Platform: cross-platform | Flag: ⚠ suspicious
Downloads: 347 | Stars: 0 | Active Installs: 1 | Versions: 2
Install in OpenClaw
/install claw-secure-auditor
Description
Security audit tool for ClawHub/OpenClaw skills (static analysis + reputation scoring)
README (SKILL.md)

🛡️ Claw Secure Auditor v1.1.1

Security audit tool for ClawHub/OpenClaw skills with static analysis and reputation scoring.


🚀 Quick Start

1. Configure (optional)

export VIRUSTOTAL_API_KEY="your-api-key-here"

2. Use

# Quick audit (static + reputation)
python3 scripts/auditor.py quick ./my-skill

# Full audit (static + sandbox + VirusTotal)
python3 scripts/auditor.py full ./my-skill

# Pre-publish audit
python3 scripts/auditor.py before-publish ./my-skill

📋 Features

  • ✅ Static analysis: 120+ dangerous keyword detection
  • ✅ Self-whitelist: auto-mark self as safe
  • ✅ Reputation score: 0-100 with Safe/Caution/Dangerous levels
  • ✅ JSON report export
  • ✅ Read-only operation, no file modification

📊 Risk Levels

Score Level Color
90-100 Safe 🟢
70-89 Caution 🟡
0-69 Dangerous 🔴
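The features list and the risk table above describe a pattern scanner that subtracts from a 0-100 score and buckets the result as Safe / Caution / Dangerous, plus a self-whitelist that marks the auditor itself as safe. The following is an added illustration of that design, not the claw-secure-auditor project's own code: the pattern table, penalties, file names and sample skill contents are constructed for the example (the real tool reports 120+ patterns), while the 90-100 / 70-89 / 0-69 thresholds are the ones the README lists. It also shows a defensive alternative to whitelisting by name: a scanned file is exempt from scoring only when its SHA-256 matches a known-good copy, so a target that merely shares the auditor's slug is still scored.

```python
"""Minimal static pattern scanner with a 0-100 reputation score.

Added example (hypothetical patterns and weights), not the
claw-secure-auditor project's own auditor.py.
"""
import hashlib
import re
import sys
from dataclasses import dataclass, field
from pathlib import Path

# Hypothetical pattern table: (name, regex, penalty). A real scanner has many more.
PATTERNS = [
    ("shell_exec", re.compile(r"\b(?:subprocess\.(?:run|Popen|call)|os\.system)\s*\("), 25),
    ("file_delete", re.compile(r"\b(?:shutil\.rmtree|os\.remove|os\.unlink)\s*\("), 20),
    ("credential_read", re.compile(r"(?:AWS_SECRET_ACCESS_KEY|~/\.ssh/id_rsa|API_KEY)"), 15),
    ("prompt_injection", re.compile(r"(?i)ignore (?:all )?previous instructions"), 30),
]

SCANNED_SUFFIXES = {".py", ".md", ".sh", ".json", ".txt"}


@dataclass
class Finding:
    file: str
    line: int
    pattern: str
    penalty: int


@dataclass
class Report:
    score: int
    level: str
    findings: list = field(default_factory=list)
    self_audit: bool = False  # True when a trusted (hash-matched) file was skipped


def level_for(score):
    """Map a score to the README's three levels: 90-100 Safe, 70-89 Caution, else Dangerous."""
    if score >= 90:
        return "Safe"
    if score >= 70:
        return "Caution"
    return "Dangerous"


def sha256(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def scan_text(text, fname):
    """Return one Finding per (line, pattern) hit; the text is never executed."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for name, rx, penalty in PATTERNS:
            if rx.search(line):
                findings.append(Finding(fname, lineno, name, penalty))
    return findings


def audit(files, trusted_hashes=frozenset()):
    """Scan an in-memory skill ({relative_path: text}) and score it.

    Self-trust is anchored on content: only a file whose SHA-256 is in
    trusted_hashes is excluded from scoring. Its hits are still listed so the
    report shows what was skipped. A slug or directory name is never trusted.
    """
    findings, penalties, self_audit = [], 0, False
    for name, text in sorted(files.items()):
        hits = scan_text(text, name)
        findings.extend(hits)
        if sha256(text) in trusted_hashes:
            self_audit = True  # known-good copy of the auditor itself
            continue
        penalties += sum(h.penalty for h in hits)
    score = max(0, 100 - penalties)
    return Report(score=score, level=level_for(score), findings=findings, self_audit=self_audit)


def load_skill(root):
    """Read a skill directory from disk into the {relative_path: text} shape audit() expects."""
    root = Path(root)
    return {
        str(p.relative_to(root)): p.read_text(encoding="utf-8", errors="replace")
        for p in root.rglob("*")
        if p.is_file() and p.suffix in SCANNED_SUFFIXES
    }


# Constructed sample skill: one shell call and one credential reference.
SAMPLE_SKILL = {
    "SKILL.md": "# Weather helper\nFetches a forecast and prints it.\n",
    "scripts/run.py": (
        "import subprocess\n"
        "def go(city):\n"
        "    subprocess.run(['curl', 'https://example.invalid/' + city])\n"
        "    open('/home/user/.aws/credentials').read()  # AWS_SECRET_ACCESS_KEY\n"
    ),
}

# Constructed stand-in for the auditor's own source: it mentions the very
# strings it looks for, which is why scanners tend to flag themselves.
SELF_SOURCE = "# flags calls such as os.system('...') in scanned skills\n"

if __name__ == "__main__":
    target = load_skill(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_SKILL
    report = audit(target, trusted_hashes=frozenset({sha256(SELF_SOURCE)}))
    print(f"{report.level} ({report.score}/100), self-audit={report.self_audit}")
    for f in report.findings:
        print(f"  {f.file}:{f.line} {f.pattern} -{f.penalty}")
```

Run it with a skill directory as the first argument, or with no argument to score the constructed sample (60/100, Dangerous). A copy of SELF_SOURCE audits as Safe because its hash is trusted, while a file with the same path and extra content is scored normally, which is the property a name-only whitelist such as the one the page's analysis describes cannot give you.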

📌 Usage Examples

python3 scripts/auditor.py quick ./my-skill
python3 scripts/auditor.py full ./my-skill
python3 scripts/auditor.py before-publish ./my-new-skill

⚠️ Security Note

Read-only operation, no file modification, no external writes, API keys only for public data queries.


📝 Changelog

v1.1.1 (2026-03)

  • Simplified metadata for ClawHub compatibility
  • Removed complex dependencies
  • Kept core audit functionality

v1.1.0 (2026-03)

  • Self-whitelist: auto-mark self as safe
  • Full English translation
  • Improved scoring algorithm

v1.0.0 (2026-03)

  • Initial release with 120+ pattern detection
Usage Guidance
What to consider before installing or running this skill:
  • The package materials conflict: SKILL.md declares VirusTotal integration and an API key, but the included script only does local static pattern scanning. Ask the author to explain the mismatch and provide source for any network/sandbox components before trusting external features.
  • Do not supply a VIRUSTOTAL_API_KEY or other secrets unless you confirm the tool actually uses that API and you trust the author. Right now the key is unnecessary according to the code.
  • The tool auto-whitelists itself (SELF_WHITELIST = ['claw-secure-auditor']), so its own self-audit will always be marked Safe. Do not rely solely on this tool's results to make security decisions; perform independent/manual review or use multiple scanners.
  • If you want to run it: inspect the Python file yourself or run it in a disposable environment (container or VM) on a non-sensitive copy of the target skill. That ensures the code does what you expect and can't access real credentials.
  • Recommended next steps before trusting the skill: request an authoritative source URL and release (the homepage shows a placeholder), request clarity on whether VirusTotal/sandbox features exist and provide code for them, and confirm why registry metadata differs from SKILL.md. If the author cannot justify the discrepancies, treat the tool as untrusted.
Capability Analysis
Type: OpenClaw Skill
Name: claw-secure-auditor
Version: 1.1.1
The OpenClaw Secure Auditor skill bundle is classified as benign. Its primary function is static analysis of other skills, searching for dangerous patterns like shell execution, file deletion, credential exposure, and prompt injection keywords. The `auditor.py` script correctly implements this read-only scanning functionality without executing any of the detected patterns, modifying files, or exfiltrating data. Although `SKILL.md` mentions a `VIRUSTOTAL_API_KEY` and 'reputation scoring' implying external API calls, the provided Python script does not actually utilize this key or make any network requests, which is a functional discrepancy but not indicative of malicious intent. There is no evidence of prompt injection against the agent, obfuscation, or persistence mechanisms.
Capability Assessment
Purpose & Capability
The SKILL.md and README advertise static + sandbox + VirusTotal reputation scoring and include metadata that declares VIRUSTOTAL_API_KEY and a 'requests' dependency, but the actual auditor script only implements local static analysis (pattern scanning) and scoring. The registry metadata at the top lists no required env vars, which contradicts the SKILL.md metadata. Requiring a VirusTotal API key or network requests would be reasonable for a reputation feature — but the code does not use network calls or the requests library, so the declared capabilities and requirements are inconsistent with the implemented capability.
Instruction Scope
Runtime instructions tell users how to run 'quick', 'full', and 'before-publish' audits and advise optionally setting VIRUSTOTAL_API_KEY; but the script only scans files for patterns and never performs sandboxing or external reputation lookups. The instructions therefore overstate what the tool does. The SKILL.md also claims 'read-only' and 'no external writes' which matches the code, but the mention of sandbox and VirusTotal is unsupported and grants the skill broader expected behavior than implemented.
Install Mechanism
There is no install spec (instruction-only), and the tool is delivered as a small Python script included in the package. This is low-risk from an install mechanism perspective because nothing is downloaded or extracted during install. Note: SKILL.md metadata lists a uv package installation for 'requests', but there is no actual install spec in the registry and the script does not import or use 'requests'.
Credentials
SKILL.md metadata and the top of the doc suggest VIRUSTOTAL_API_KEY is used, but the included auditor.py does not read environment variables or call VirusTotal — requesting an API key (a sensitive credential) is not justified by the code. The script also contains a SELF_WHITELIST that auto-marks the skill as safe when auditing itself; this behavior is reasonable for self-audits but can be misleading or abused if not clearly documented.
Persistence & Privilege
The skill does not request persistent privileges (always:false) and the code claims read-only behavior. The script reads files in the target skill path but does not modify files or alter other skills' configurations. This aligns with expected privilege levels.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install claw-secure-auditor
  3. After installation, invoke the skill by name or use /claw-secure-auditor
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.1
v1.1.1
  • Simplified metadata for wider ClawHub compatibility
  • Removed complex dependencies; now requires only Python 3 and `requests`
  • Maintained core audit features: static analysis and reputation scoring
  • Updated documentation and usage instructions for easier setup
v1.1.0
claw-secure-auditor v1.1.0: Fully automated ClawHub/OpenClaw skill sandbox auditor with real-time reputation scoring (static analysis + execution testing + VirusTotal + ClawHub community scoring).
Metadata
Slug claw-secure-auditor
Version 1.1.1
License
All-time Installs 1
Active Installs 1
Total Versions 2
Frequently Asked Questions

What is Claw Secure Auditor?

Security audit tool for ClawHub/OpenClaw skills (static analysis + reputation scoring). It is an AI Agent Skill for Claude Code / OpenClaw, with 347 downloads so far.

How do I install Claw Secure Auditor?

Run "/install claw-secure-auditor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Claw Secure Auditor free?

Yes, Claw Secure Auditor is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Claw Secure Auditor support?

Claw Secure Auditor is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Claw Secure Auditor?

It is built and maintained by emeraldring3134-netizen (@emeraldring3134-netizen); the current version is v1.1.1.
