← Back to Skills Marketplace
ClawHub Security Scan
by
yuyiyuleyuli-cloud
· GitHub ↗
· v1.1.2
· MIT-0
98
Downloads
0
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install clawhub-security-scan
Description
Pre-publish security scan for ClawHub skills - Scans code for patterns that might get flagged as suspicious and gives fixing suggestions.
README (SKILL.md)
ClawHub Security Scan
Pre-publish security scan for ClawHub skills. Scans your skill code for patterns that might trigger automatic suspicious flagging on ClawHub, and gives actionable fixing suggestions.
Commands
| Command | Description |
|---|---|
scan.py |
Scan a skill folder for suspicious patterns |
precheck.py |
Interactive pre-publish checklist wizard - step-by-step security check before publishing |
review.py |
Review scan results and get modification suggestions |
Usage
# Scan a skill folder
python scripts/scan.py --path ./my-skill
What it scans
Scans for code patterns that commonly trigger ClawHub VirusTotal Code Insight suspicious flagging:
🔴 High Risk (really dangerous, should fix)
- Reads sensitive files (
/etc/passwd,~/.ssh/*,id_rsa, etc.) - Uses dangerous functions (
eval(),exec(),execfile()) without validation - Dynamic code execution from untrusted sources
- Hard-coded API keys/tokens in source code
🟡 Medium Risk (may trigger false positive flagging, need review)
- Reads environment variables for API keys (normal & safe, but triggers flag)
- Makes external HTTP/HTTPS requests (normal for most skills, but triggers flag)
- Uses
subprocess,os.systemto run system commands - Downloads code from external sources
🟢 Good Practice
- Reads environment variables instead of hard-coding keys
- All network requests go to known public APIs
- No arbitrary code execution
Output
- Gives each file a risk rating (High/Medium/Low/Good)
- Lists the line numbers and patterns found
- Gives specific modification suggestions
- Exits with non-zero code if high risk issues found
Pricing
0.001 USDT per call, billed via SkillPay.me.
Custom Configuration
You can create a .clawhub-security file in your skill root to ignore specific patterns that you know are safe:
# .clawhub-security - ignore patterns that are safe
ignore: high-entropy-secret # ignore the high-entropy warning for your SkillID
ignore: os\.environ # ignore environment variable warnings
One pattern per line. Lines starting with # are comments.
Why use this
ClawHub automatically scans published skills with VirusTotal Code Insight. Some perfectly normal patterns (like reading env vars or making API requests) get flagged as "suspicious" scaring users. This tool helps you find and address those issues before publishing.
This tool doesn't guarantee you won't get flagged, but it greatly reduces the chance.
Usage Guidance
This skill appears to implement the promised pre-publish scanner, but it charges 0.001 USDT per call by calling SkillPay.me and expects a SkillPay API key (SKILLPAY_API_KEY) which is not declared in the registry metadata. Before installing or running: 1) Confirm you trust the payment endpoint (https://skillpay.me) and the skill author; 2) Expect to provide a SKILLPAY_API_KEY (or pass --api-key) and a user-id when running the interactive precheck — the script will attempt to charge that key; 3) If you want to avoid unexpected charges, run scan.py directly (it also exposes a scan mode) and inspect the code locally; 4) Ask the publisher to update the registry manifest to declare required env vars and clearly document billing behavior in SKILL.md; 5) If you audit before running, review the full scripts for any code that might send scanned file contents elsewhere — in the visible code the only external POST is the billing call, but always verify before providing credentials.
Capability Analysis
Type: OpenClaw Skill
Name: clawhub-security-scan
Version: 1.1.2
The skill bundle provides a security scanning utility that includes a monetization mechanism via an external API (https://skillpay.me). While the code appears to perform its stated function of identifying insecure patterns, it exhibits risky behaviors such as broad local file system access and the transmission of API credentials (SKILLPAY_API_KEY) to a third-party endpoint. These capabilities, found in scripts/scan.py and scripts/precheck.py, are classified as suspicious because they involve external network communication and sensitive credential handling, even though they are aligned with the stated commercial purpose in SKILL.md.
Capability Assessment
Purpose & Capability
The code (scan.py, review.py, precheck.py) implements a code scanner and a pre-publish checklist consistent with the skill's stated purpose. However, the scripts include SkillPay billing logic (POSTs to https://skillpay.me and reading SKILLPAY_API_KEY) while the registry metadata declares no required environment variables or primary credential. Charging behavior is mentioned in SKILL.md but the required credential (SKILLPAY_API_KEY) is not declared in the skill manifest — this is an incoherence that affects trust and transparency.
Instruction Scope
SKILL.md instructs running the provided scripts and lists a per-call price, which matches the code. But the interactive precheck (precheck.py) will attempt to charge before running and requires a user-id and an API key (or environment variable) to succeed. The SKILL.md does not explicitly document the exact env var name (SKILLPAY_API_KEY) or the full shape of the network POST, which means users may be surprised by a networked billing step tied to an undeclared secret.
Install Mechanism
No install spec is present (instruction-only + shipped scripts). No downloads or archive extraction are performed during install. This is low-risk from an install footprint perspective.
Credentials
The scripts read environment variables (os.environ) to obtain SKILLPAY_API_KEY for billing. Requesting a payment API key is proportionate to a paid tool, but the skill metadata does not declare this required env var or primary credential. Also the scanner will by design inspect files and environment-variable usage in user repositories (which is expected for a scanner) — users should understand those file reads happen locally and the script will not (based on visible code) exfiltrate scanned file contents, but it does send billing-related data (user_id, skill_id, amount) to an external endpoint. The undeclared credential + external network call is the main proportionality concern.
Persistence & Privilege
The skill is not forced-always, does not request elevated platform privileges, and does not modify other skills or global agent configuration. Autonomous invocation is enabled (the platform default), but that's not combined here with other broad privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clawhub-security-scan - After installation, invoke the skill by name or use
/clawhub-security-scan - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.2
Update SkillPay Skill ID
v1.1.1
Update SkillPay Skill ID
v1.1.0
Add SkillPay billing 0.001 USDT per call
v1.0.0
Initial release: Pre-publish security scan - finds patterns that might get flagged as suspicious on ClawHub
Metadata
Frequently Asked Questions
What is ClawHub Security Scan?
Pre-publish security scan for ClawHub skills - Scans code for patterns that might get flagged as suspicious and gives fixing suggestions. It is an AI Agent Skill for Claude Code / OpenClaw, with 98 downloads so far.
How do I install ClawHub Security Scan?
Run "/install clawhub-security-scan" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is ClawHub Security Scan free?
Yes, ClawHub Security Scan is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does ClawHub Security Scan support?
ClawHub Security Scan is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created ClawHub Security Scan?
It is built and maintained by yuyiyuleyuli-cloud (@yuyiyuleyuli-cloud); the current version is v1.1.2.
More Skills