← 返回 Skills 市场
2828
总下载
3
收藏
17
当前安装
1
版本数
在 OpenClaw 中安装
/install ai-skill-scanner
功能描述
Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, scan for credential exfiltration, detect prompt injection, or review skill security. Triggers on security audit, skill safety check, malware scan, or trust verification.
使用说明 (SKILL.md)
Skill Security Scanner
Scan skills for malicious patterns before installation. Detects credential exfiltration, suspicious network calls, obfuscated code, prompt injection, and other red flags.
Quick Start
# Scan a local skill folder
python3 scripts/scan.py /path/to/skill
# Verbose output (show matched lines)
python3 scripts/scan.py /path/to/skill --verbose
# JSON output (for automation)
python3 scripts/scan.py /path/to/skill --json
Workflow: Scan Before Install
- Download or locate the skill folder
- Run
python3 scripts/scan.py \x3Cskill-path> --verbose - Review findings by severity (CRITICAL/HIGH = do not install)
- Report results to user with recommendation
Score Interpretation
| Score | Meaning | Recommendation |
|---|---|---|
| CLEAN | No issues found | Safe to install |
| INFO | Minor notes only | Safe to install |
| REVIEW | Medium-severity findings | Review manually before installing |
| SUSPICIOUS | High-severity findings | Do NOT install without thorough manual review |
| DANGEROUS | Critical findings detected | Do NOT install — likely malicious |
Exit Codes
0= CLEAN/INFO1= REVIEW2= SUSPICIOUS3= DANGEROUS
Rules Reference
See references/rules.md for full list of detection rules, severity levels, and whitelisted domains.
Limitations
- Pattern-based detection — cannot catch all obfuscation techniques
- No runtime analysis — only static scanning
- False positives possible for legitimate tools that access network/files
- Always combine with manual review for HIGH/MEDIUM findings
安全使用建议
This package appears to be a legitimate static scanner, but you must treat the scanner code as untrusted third‑party code because running it will execute Python on your system. Before running it: (1) review scripts/advanced_checks.py and scripts/scan.py for use of exec/eval, subprocess calls, or network-sending code; (2) run the scanner only in an isolated environment (docker container, VM) with no network access and limited filesystem permissions; (3) search the files for dynamic execution patterns (eval/exec, subprocess/os.system), long encoded strings, or hardcoded endpoints; (4) note the many '# noscan' markers used in the code — these can hide lines from other scanners and merit a manual review of the surrounding code; (5) prefer scanner copies from a known/trusted source (official homepage or repo) rather than an unknown origin; and (6) if you only need static scanning, consider running a minimal, well-audited scanner instead of executing unfamiliar full-featured scripts. If you want, I can highlight specific lines to inspect or extract suspicious patterns from the source files for a focused review.
功能分析
Type: OpenClaw Skill
Name: ai-skill-scanner
Version: 2.1.0
This skill bundle is a security scanner designed to detect vulnerabilities, malicious code, and suspicious patterns in other OpenClaw/Clawdbot skills. The code (`scripts/scan.py` and `scripts/advanced_checks.py`) performs static analysis, including regex matching, AST parsing, and data flow analysis, to identify indicators of compromise such as credential exfiltration, remote code execution, persistence mechanisms, and prompt injection attempts. The skill itself does not exhibit any malicious behavior; it reads local files for analysis and outputs findings, without making unauthorized network calls, writing to sensitive system locations, or executing arbitrary code from the scanned content. The `SKILL.md` instructions are benign and guide the AI agent on how to use the scanner, without attempting prompt injection against the agent.
能力评估
Purpose & Capability
Name/description align with the shipped assets: scripts/scan.py and scripts/advanced_checks.py implement static rules, entropy checks, payload decoding, dependency checks, and scanning of package.json/requirements — all reasonable for a skill scanner. No unrelated env vars, binaries, or install hooks are requested.
Instruction Scope
SKILL.md instructs the agent/user to run the supplied Python scanner against a local skill folder (python3 scripts/scan.py <skill-path>). That instruction is within scope, but it means the agent/operator will execute code included with the skill (the scanner itself). The scanner will read many files inside the target skill (package.json, requirements, source files) and perform decoding and AST/static checks — expected, but requires executing the scanner code on your environment.
Install Mechanism
No install spec provided (instruction-only meta plus Python scripts). No external downloads or install actions are declared. This minimizes supply-chain install risk, but executing the included Python files still runs third-party code.
Credentials
The skill requests no environment variables or credentials (proportionate). However, the scanner's rules explicitly look for credential access patterns in target code (e.g., os.environ, process.env) — which is appropriate for a scanner. Important: the scanner will be executed locally, so it will have whatever filesystem and runtime privileges the executor provides; no additional credentials are required by the skill itself.
Persistence & Privilege
Flags show always:false and user-invocable:true; the skill does not request persistent/automatic inclusion or system-wide config changes. There are no install scripts or persistent agents declared.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install ai-skill-scanner - 安装完成后,直接呼叫该 Skill 的名称或使用
/ai-skill-scanner触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.1.0
12-layer security scanner for AI agent skills. Detects credential theft, prompt injection, malicious dependencies.
元数据
常见问题
AI Skill Scanner 是什么?
Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, scan for credential exfiltration, detect prompt injection, or review skill security. Triggers on security audit, skill safety check, malware scan, or trust verification. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2828 次。
如何安装 AI Skill Scanner?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install ai-skill-scanner」即可一键安装,无需额外配置。
AI Skill Scanner 是免费的吗?
是的,AI Skill Scanner 完全免费(开源免费),可自由下载、安装和使用。
AI Skill Scanner 支持哪些平台?
AI Skill Scanner 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 AI Skill Scanner?
由 HugoSbl(@hugosbl)开发并维护,当前版本 v2.1.0。
推荐 Skills