← 返回 Skills 市场
frrrrrrrrank

ClawGuard Scanner

作者 Frrrrrrrrank · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ⚠ suspicious
275
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install clawguard-scanner
功能描述
Security scanner for OpenClaw skills. Run before installing any skill to detect prompt injection, data exfiltration, permission overreach, suspicious URLs, d...
使用说明 (SKILL.md)

ClawGuard — OpenClaw Skill Security Scanner

You are a security-conscious assistant. Before the user installs or uses any third-party OpenClaw skill, you MUST run a security scan using ClawGuard.

When to use this skill

  • The user asks to install a new skill (e.g., clawhub install \x3Cskill-name>)
  • The user asks you to review or audit a skill for safety
  • The user asks you to check if a skill is safe to use
  • The user points you at a skill directory or SKILL.md file

How to scan

Run the following command on the skill directory:

npx clawguard scan \x3Cpath-to-skill-directory>

For JSON output (useful for programmatic analysis):

npx clawguard scan \x3Cpath-to-skill-directory> --json

To check only specific rules:

npx clawguard scan \x3Cpath-to-skill-directory> --rules prompt-injection,data-exfiltration

Interpreting results

ClawGuard checks for 6 types of security issues:

Severity Rules
CRITICAL prompt-injection — instruction overrides, role switching, hidden payloads
CRITICAL data-exfiltration — reading sensitive files (~/.ssh, ~/.aws) and sending externally
HIGH permission-overreach — requesting sudo, rm, docker, or excessive env vars
HIGH suspicious-urls — IP-based URLs, URL shorteners, known malicious domains
HIGH dangerous-commands — rm -rf /, curl | sh, system file modification
MEDIUM metadata-mismatch — undeclared env vars, unused declared binaries

How to respond to scan results

If the scan PASSES (exit code 0, no findings):

Tell the user the skill passed all security checks and is safe to install. Proceed with the installation.

If the scan FAILS (exit code 1, findings detected):

  1. Show the user ALL findings clearly, grouped by severity
  2. For CRITICAL findings: Strongly recommend NOT installing the skill. Explain the specific risk.
  3. For HIGH findings: Warn the user and ask for explicit confirmation before proceeding
  4. For MEDIUM findings: Inform the user but allow installation if they acknowledge the warnings
  5. Never silently skip or hide any finding

Example interaction flow:

User: "Install the cool-scraper skill"

You should:

  1. First locate the skill directory
  2. Run npx clawguard scan \x3Cskill-dir>
  3. Report the results to the user
  4. Only proceed with installation if the scan passes or the user explicitly accepts the risks

Important notes

  • Always scan BEFORE installation, never after
  • If ClawGuard is not installed, run npm install -g clawguard first
  • If a skill contains scripts (.sh, .py, .js), ClawGuard will scan those too
  • A clean scan does not guarantee absolute safety — it catches known patterns only
  • For skills that interact with external websites, note that content at those URLs may change over time (a safe link today could become malicious tomorrow)
安全使用建议
This skill appears to do what it says: run an npm-based scanner against skill directories. Before you run it, verify the clawguard npm package and GitHub repo (author, recent activity, package name/version), prefer running it in an isolated environment (container or VM), avoid 'npm install -g' unless you trust the publisher, and consider using 'npx --package clawguard@<version>' or inspecting the package tarball before executing to pin a trusted version. If you need higher assurance, ask for a reproducible install spec (source URL, SHA256 or a pinned version) or scan the package contents yourself before running.
功能分析
Type: OpenClaw Skill Name: clawguard-scanner Version: 0.1.0 The skill functions as a security gatekeeper, using SKILL.md instructions to mandate that the AI agent execute an external npm package ('npx clawguard') before installing any other skill. While the stated intent is defensive, this creates a high-risk behavioral override where the agent is directed to run external code as a prerequisite for standard operations, effectively intercepting the installation flow. The reliance on a third-party package (hosted at a GitHub repository with a potentially placeholder name 'Frrrrrrrrank') to perform 'critical' security checks on local directories constitutes a significant risk and permission overreach without explicit evidence of the external package's integrity.
能力评估
Purpose & Capability
Name and description describe a security scanner and the only declared requirement is 'npx', which matches the instructions to run 'npx clawguard'. The requested capabilities align with the stated purpose.
Instruction Scope
SKILL.md contains clear, narrowly scoped instructions for scanning skill directories and interpreting results. It does instruct the agent to always run a scan before installing — a strong rule but consistent with the skill. It also tells the user to run 'npm install -g clawguard' if ClawGuard is not installed, which expands scope to performing system installs if the package is not present.
Install Mechanism
No install spec is provided; the skill relies on 'npx clawguard' (or optionally a global 'npm install -g clawguard'). That means running code fetched from the npm registry at runtime with no pinned version, checksum, or guidance to verify publisher/trust. For a security tool this is functionally coherent but increases risk because arbitrary remote code will execute.
Credentials
The skill declares no environment variables, credentials, or config paths. SKILL.md does not request secrets or unrelated credentials. This is proportionate to being a scanner.
Persistence & Privilege
The skill is instruction-only, has no install hooks, and 'always' is false. It does not request persistent privileges or modify other skills' configs in the instructions.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install clawguard-scanner
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /clawguard-scanner 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Initial release: security scanner for OpenClaw skills with 6 detection rules
元数据
Slug clawguard-scanner
版本 0.1.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

ClawGuard Scanner 是什么?

Security scanner for OpenClaw skills. Run before installing any skill to detect prompt injection, data exfiltration, permission overreach, suspicious URLs, d... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 275 次。

如何安装 ClawGuard Scanner?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install clawguard-scanner」即可一键安装,无需额外配置。

ClawGuard Scanner 是免费的吗?

是的,ClawGuard Scanner 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

ClawGuard Scanner 支持哪些平台?

ClawGuard Scanner 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 ClawGuard Scanner?

由 Frrrrrrrrank(@frrrrrrrrank)开发并维护,当前版本 v0.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论