
Scan Skill

by ItsNishi · GitHub ↗ · v1.1.1 · MIT-0
cross-platform ⚠ suspicious
1422 Downloads · 0 Stars · 2 Active Installs · 3 Versions
Install in OpenClaw
/install scan-skill
Description
Deep security analysis of an individual skill before installation
Usage Guidance
This skill appears to do exactly what it says: run a local scanner on a skill directory. Before using it, (1) review the bundled scripts yourself (you have them in the package) to confirm they don't execute code from scanned projects, (2) run the scanner in a sandbox or with least-privilege access if you will scan untrusted repositories, and (3) only point it at directories you intend to expose to a scanner (it will read files and report any secrets it finds). The presence of 'Bash' in allowed-tools is explainable (the scanner runs via a shell command) and is mitigated by disable-model-invocation: true, but if you prefer extra caution, run the included Python script manually in your environment rather than granting tool execution to an agent.
Capability Analysis
Type: OpenClaw Skill · Name: scan-skill · Version: 1.1.1
The scan-skill bundle is a security auditing tool designed to perform deep analysis of other OpenClaw skills for vulnerabilities and malicious patterns. It utilizes a comprehensive database of detection signatures in scripts/patterns.py and a scanning engine in scripts/scan_skill.py to identify risks such as prompt injection, data exfiltration, and supply chain attacks. While the tool requires Bash access and performs network requests to verify package legitimacy on PyPI/npm, its behavior is transparently documented, aligned with its defensive purpose, and includes security best practices like disabling model auto-invocation in SKILL.md.
Capability Assessment
Purpose & Capability
Name/description claim a pre-install scanner and the package contains a scanner (scripts/scan_skill.py) plus a pattern database (scripts/patterns.py). The allowed tools (Read, Glob, Grep, Bash) and the instruction to run the included python scanner are consistent with scanning a skill directory.
Instruction Scope
SKILL.md instructs the agent (or user) to run the included Python scanner against a target skill directory. The scanner reads all files under the provided directory and reports findings (including secrets). That file I/O is expected for this purpose, but be aware the tool will enumerate and print contents from whatever path you point it at, so only scan directories you intend to inspect.
Install Mechanism
No install spec — instruction-only with bundled scripts. The scanner code is included directly in the skill (no external downloads or package installs), which is proportionate for a local analysis tool.
Credentials
The skill requests no environment variables or external credentials. The pattern database contains regexes to detect secrets, but the skill itself does not require or access secrets from your environment.
Persistence & Privilege
Registry flags show disable-model-invocation: true and always: false. The skill is not auto-invocable and does not request persistent or system-wide changes. It does not attempt to modify other skills' configs in the provided code.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install scan-skill
  3. After installation, invoke the skill by name or use /scan-skill
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.1
- Expand pattern database from ~70 to 151 patterns across 15 categories
- Add 5 new categories: code_before_review, config_backdoor, memory_corruption, confused_delegation, persistence
- Add live package verification -- pip/npm install commands checked against PyPI/npm in real time
- Non-existent packages flagged CRITICAL (slopsquatting/hallucination detection)
- New coverage: reverse shells, cloud IMDS, env var hijacking, persistence mechanisms, dependency confusion, GitHub Actions poisoning, 16+ obfuscation techniques
- Document advisory hook behavior in SKILL.md
v1.1.0
- Added detailed documentation about advisory PreToolUse hooks in `.claude/settings.json` that warn on dangerous Bash and Write tool operations.
- Clarified that scan-skill serves as the detection layer, with hooks providing supplementary runtime warnings.
- Included guidance on how to enforce blocking (by returning `{"decision": "block"}`) instead of warnings.
- No changes to the skill's functionality or code.
v1.0.0
Initial release of scan-skill: an individual skill security analyzer.
- Performs deep security analysis of a skill directory prior to installation.
- Checks for injection techniques, hidden commands, and dangerous field combinations in SKILL.md.
- Analyzes scripts, permissions, encoding/obfuscation patterns, and dynamic context usage.
- Produces a structured, severity-ranked report with recommendations and a file inventory.
- Intended for pre-installation review of public, external, or contributed skills.
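The live package verification introduced in v1.1.1, modelled as an added example (not the project's own scripts/scan_skill.py): install commands are pulled out of scanned file content and any package the registry does not know is reported as CRITICAL. The registry lookup is injected so the demo runs offline against a constructed set of known packages; a live check would query PyPI and the npm registry instead.

```python
import re
from typing import Callable

# Matches "pip install foo bar==1.0" and "npm install foo@1.2 --save";
# stops at shell separators so chained commands are not swallowed.
INSTALL_RE = re.compile(r"\b(?P<tool>pip3?|npm)\s+install\s+(?P<args>[^\n;&|]+)")

def extract_packages(line: str) -> list[tuple[str, str]]:
    """Return (ecosystem, package) pairs for install commands on one line."""
    found = []
    for m in INSTALL_RE.finditer(line):
        eco = "pypi" if m.group("tool").startswith("pip") else "npm"
        for tok in m.group("args").split():
            if tok.startswith("-"):  # skip flags such as -q or --save
                continue
            if eco == "pypi":  # strip extras/specifiers: requests[socks]>=2 -> requests
                name = re.split(r"[\[<>=!~;]", tok, maxsplit=1)[0]
            else:  # keep an npm scope, drop the version: @types/node@20 -> @types/node
                name = re.sub(r"(?<=.)@[^@]*$", "", tok)
            if name:
                found.append((eco, name.lower()))
    return found

def verify_installs(content: str, exists: Callable[[str, str], bool]) -> list[dict]:
    """Check each install target with exists(ecosystem, name); a package the
    registry does not have is CRITICAL (hallucinated name or slopsquatting bait)."""
    findings = []
    for lineno, line in enumerate(content.splitlines(), 1):
        for eco, name in extract_packages(line):
            if not exists(eco, name):
                findings.append({"line": lineno, "severity": "CRITICAL",
                                 "category": "nonexistent_package",
                                 "ecosystem": eco, "package": name})
    return findings

# Constructed stand-in for the registries so the demo runs offline; a live check
# would query https://pypi.org/pypi/<name>/json and https://registry.npmjs.org/<name>.
KNOWN = {("pypi", "requests"), ("pypi", "pyyaml"), ("npm", "@types/node")}
def offline_exists(eco: str, name: str) -> bool:
    return (eco, name) in KNOWN

# Constructed sample of what a skill's setup script might contain.
SAMPLE = """pip install requests>=2.31 pyyaml
npm install --save @types/node@20 totally-made-up-helper
pip3 install -q openclaw-sdk-utils
"""

if __name__ == "__main__":
    for f in verify_installs(SAMPLE, offline_exists):
        print(f"line {f['line']}: {f['severity']} {f['ecosystem']}:{f['package']}")
```

Running the block flags lines 2 and 3 of the constructed sample; the genuine packages on line 1 produce no finding.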
Metadata
Slug: scan-skill
Version: 1.1.1
License: MIT-0
All-time Installs: 3
Active Installs: 2
Total Versions: 3
Frequently Asked Questions

What is Scan Skill?

Deep security analysis of an individual skill before installation. It is an AI Agent Skill for Claude Code / OpenClaw, with 1422 downloads so far.

How do I install Scan Skill?

Run "/install scan-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Scan Skill free?

Yes, Scan Skill is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Scan Skill support?

Scan Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Scan Skill?

It is built and maintained by ItsNishi (@itsnishi); the current version is v1.1.1.
