← Back to Skills Marketplace
Skills Audit
by
ucloud-securiry
· GitHub ↗
· v1.5.3
· MIT-0
268
Downloads
0
Stars
1
Active Installs
18
Versions
Install in OpenClaw
/install skills-audit
Description
Security audit + append-only logging + monitoring for OpenClaw skills (file-level diff, baseline approval, SHA-256 integrity).
Usage Guidance
This skill appears to be what it says: a local static auditor and monitor. Before enabling it, note: (1) it will read all files under your workspace/skills and store snapshots and NDJSON logs under ~/.openclaw/skills-audit—these logs can include file snippets and paths, so review their permissions; (2) the optional remote intel lookup (QianXin SafeSkill) requires you to add your token to config/intelligent.json—leave it disabled unless you trust that service and understand that only a bundle MD5 is sent, not full files; (3) the tool executes local subprocesses such as git and the included helper scripts—ensure git is installed and review the scripts if you want to audit exact behavior; (4) the skill deliberately does not auto-create cron jobs, so you must explicitly add scheduling if desired; (5) minor implementation note: the code has a default config fallback for QianXin that may differ from the shipped intelligent.json default, but the shipped config sets enabled:false—verify config/intelligent.json to be sure remote queries remain disabled. If you need to be extra cautious, run the scanner once in a restricted environment, inspect ~/.openclaw/skills-audit/logs.ndjson, and keep the QianXin token empty.
Capability Analysis
Type: OpenClaw Skill
Name: skills-audit
Version: 1.5.3
The bundle is a legitimate security auditing and monitoring tool for OpenClaw skills. It implements static analysis, git-based version tracking, and risk scoring using local rules and an optional, opt-in remote threat intelligence API (QianXin SafeSkill) that only transmits bundle hashes. The Python scripts (`skills_audit.py`, `skills_watch_and_notify.py`) are well-structured, use standard libraries, and perform actions consistent with the stated purpose of auditing. Crucially, the `SKILL.md` instructions contain defensive guidelines for the AI agent, explicitly prohibiting the automatic creation of cron jobs and mandating that the agent provide safe summaries of code changes rather than exfiltrating raw diffs to external channels.
Capability Tags
Capability Assessment
Purpose & Capability
The name/description match the included files and behavior: Python scripts that scan workspace/skills, compute hashes, take git snapshots, write NDJSON logs, produce diffs, and generate notifications. Required components (Python, git) and the config files are appropriate for an audit/monitoring tool; there are no unrelated credential or cloud dependencies declared.
Instruction Scope
Runtime instructions and the code limit themselves to static analysis, file I/O under the workspace and ~/.openclaw/skills-audit, git subprocess calls, and local helper scripts. The skill explicitly states it will not execute audited skill code. It does perform controlled subprocess calls (git, git diff) and may make an optional remote MD5 query to QianXin SafeSkill when the user enables that feature.
Install Mechanism
No install spec or remote downloads are present; this is an instruction+script package that relies on the local Python runtime and git. Nothing in the package fetches or extracts arbitrary external code by default.
Credentials
The skill requests no environment variables or credentials by default. It can optionally use a user-supplied QianXin token (kept in config/intelligent.json) to query remote intel by bundle MD5; that is reasonable for an opt-in threat-intel feature but is the only remote-credential requirement. The tool will read the entire workspace/skills tree and write logs/snapshots under ~/.openclaw/skills-audit, which can contain snippets of code and file paths—so log contents are sensitive and proportional to its function.
Persistence & Privilege
always:false and the skill does not auto-create system-wide cron jobs. It writes only to its own directory under the user's home (~/.openclaw/skills-audit) and manages its own baseline/log files. It does not request elevated system privileges or modify other skills' configurations.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skills-audit - After installation, invoke the skill by name or use
/skills-audit - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.5.3
Clarify audit scope, improve safe notification behavior, and refine risk/semantic handling
v1.4.1
Restore display name to Skills Audit
v1.4.0
**v1.4.0 – Changelog**
- Updated version to 1.4.0 and synchronized documentation (SKILL.md, SKILL_zh-CN.md) for consistency.
- Enhanced risk rule configuration in `config/risk-rules.json`.
- Improved logging schema and log handling in `log-template.json`.
- Refined documentation for scripts and usage in `scripts/README.md`.
- Made significant updates to main scripts (`scripts/skills_audit.py`, `scripts/skills_watch_and_notify.py`) to improve audit, monitoring, and notification reliability.
- General improvements to static analysis robustness and notification clarity.
v1.3.2
fix: show file details for newly added/removed skills in notifications, not just changed ones
v1.3.1
fix: exclude risk-rules.json from QianXin upload zip to prevent self-flagging as extreme
v1.3.0
feat: integrate QianXin SafeSkill remote scanning — QianXin-first with transparent local fallback, zero new dependencies
v1.2.0
v1.2.0: context-aware risk scoring, file-level diff with git snapshots, baseline approval, SHA-256 integrity, externalized risk rules with 14 categories, auto-start directive
v1.1.6
fix: correct display name to skills-audit
v1.1.5
fix: skip risk-rules.json during scan to avoid self-flagging as extreme risk
v1.1.4
feat: context-aware risk scoring with 10 skill profiles — skills are now evaluated based on their intended purpose, dramatically reducing false positives
v1.1.3
fix: remove overly broad CODE_INJECTION patterns (backtick, ${ , $( , {{ ) that caused false positive high-risk on normal Markdown files
v1.1.2
fix: remove dangerous keyword literals from Python code to avoid false positive flagging by security scanners
v1.1.1
v1.1.1: externalize risk rules to config/risk-rules.json with 14 categories and 200+ threat detection needles
v1.1.0
v1.1.0: SHA-256 integrity, file-level diff with git snapshots, baseline approval, notification template extraction, auto-start directive, show command for human-readable summaries, Python version check
v1.0.3
Publish a fresh 1.0.3 release alongside the new clean slug.
v1.0.2
Republish under original slug with clean package after removing flagged earlier history.
v1.0.1
Remove bundled _meta.json and republish clean package.
v1.0.0
Initial publish: static security audit, append-only logs, and change monitoring notifications.
Metadata
Frequently Asked Questions
What is Skills Audit?
Security audit + append-only logging + monitoring for OpenClaw skills (file-level diff, baseline approval, SHA-256 integrity). It is an AI Agent Skill for Claude Code / OpenClaw, with 268 downloads so far.
How do I install Skills Audit?
Run "/install skills-audit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skills Audit free?
Yes, Skills Audit is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Skills Audit support?
Skills Audit is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Skills Audit?
It is built and maintained by ucloud-securiry (@ucloud-sec); the current version is v1.5.3.
More Skills