← Back to Skills Marketplace
Skill Auditor v2
by
aiwithabidi
· GitHub ↗
· v2.0.0
619
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install skill-auditor-v2
Description
Security scanner for OpenClaw skills. Detects malicious code, obfuscated payloads, prompt injection, social engineering, typosquatting, and data exfiltration...
Usage Guidance
This skill appears to be what it says: a Python-based auditor plus a shell quarantine helper. Before running it, review the bundled audit_skill.py (it will scan files and may fetch remote slugs) and quarantine.sh yourself, and run them in an isolated environment (container or VM) on untrusted skills. Be aware the --slug mode will perform network fetches to retrieve remote skills — if you need to avoid network I/O, run the auditor only against local directories. Confirm the default production directory in quarantine.sh matches your environment before approving any automatic copy/installation, and inspect audit-report.json results before installing any audited skill. The pre-scan prompt-injection flag is explained by the auditor including a list of injection signatures; this is expected but always worth a quick manual check because such patterns could be abused if the skill were modified by a malicious actor.
Capability Analysis
Type: OpenClaw Skill
Name: skill-auditor-v2
Version: 2.0.0
The OpenClaw AgentSkills skill 'skill-auditor-v2' is a security scanner designed to detect malicious code, prompt injection, and data exfiltration in other skills. All analyzed files (code and documentation) are consistent with this stated purpose. The `audit_skill.py` script implements various detection layers, including static analysis, deobfuscation, and threat intelligence, but these are for *detecting* threats in *other* skills, not for performing malicious actions itself. The `quarantine.sh` script orchestrates the audit and offers conditional installation of *other* skills after explicit user confirmation. The use of `subprocess.run` to execute `clawhub inspect` for fetching remote skills is a legitimate function for an auditor and is implemented in a manner that mitigates direct shell injection (passing arguments as a list). No evidence of intentional harmful behavior, data exfiltration, backdoors, or prompt injection against the agent by *this* skill was found.
Capability Assessment
Purpose & Capability
Name/description indicate a security scanner; required binary is only python3; included files (audit_skill.py, quarantine.sh, IoC DB and pattern docs) match that purpose. Nothing in metadata asks for unrelated cloud credentials or system-wide privileges.
Instruction Scope
SKILL.md instructs the agent to run the included Python scanner or the quarantine shell script against a provided skill path or slug. The doc and reference files include prompt‑injection signatures (e.g., 'ignore previous instructions') which triggered a pre-scan warning — this appears to be part of the scanner's rule set (expected) rather than an attempt to override the evaluator. The scanner may fetch remote skills when run with --slug (network I/O) — this is expected for a tool that audits remote packages, but you should be aware it will contact ClawHub or whatever remote endpoint the script implements.
Install Mechanism
No installer or external download is declared. This is instruction + code bundled in the skill. No remote archive downloads or extract steps are performed by the registry metadata. Running the tools will execute local Python code only.
Credentials
The skill declares no required environment variables or credentials. The scanner contains detection rules to look for many API‑key patterns and config paths but does not itself require any external secrets to operate.
Persistence & Privilege
The skill is not always-enabled, does not request persistent system changes in metadata, and the quarantine script only copies quarantined files into a production directory if the user explicitly consents. No elevated platform privileges are requested in metadata.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skill-auditor-v2 - After installation, invoke the skill by name or use
/skill-auditor-v2 - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.0.0
Merged best of 3 auditors: Python static analysis + deobfuscation + 0-100 scoring + MITRE ATT&CK + IoC database + social engineering detection + typosquat checks + zero-width char detection
Metadata
Frequently Asked Questions
What is Skill Auditor v2?
Security scanner for OpenClaw skills. Detects malicious code, obfuscated payloads, prompt injection, social engineering, typosquatting, and data exfiltration... It is an AI Agent Skill for Claude Code / OpenClaw, with 619 downloads so far.
How do I install Skill Auditor v2?
Run "/install skill-auditor-v2" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skill Auditor v2 free?
Yes, Skill Auditor v2 is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Skill Auditor v2 support?
Skill Auditor v2 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Skill Auditor v2?
It is built and maintained by aiwithabidi (@aiwithabidi); the current version is v2.0.0.
More Skills