← 返回 Skills 市场
0xrapi

isnad-scan

作者 Rapi · GitHub ↗ · v1.0.0
cross-platform ✓ 安全检测通过
518
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install isnad-scan
功能描述
Scan AI agent skills for security vulnerabilities — detects code injection, prompt injection, credential exfiltration, supply chain attacks, and 69+ threat p...
使用说明 (SKILL.md)

isnad-scan — Security Scanner for AI Agent Skills

Scan any skill, package, or directory for security threats before installing or running it.

Quick Scan

isnad-scan \x3Cpath>

Scans a directory and reports findings by severity (CRITICAL, HIGH, MEDIUM, LOW).

Options

isnad-scan \x3Cpath> --cve          # Also check dependencies for known CVEs (via OSV.dev)
isnad-scan \x3Cpath> -v             # Verbose output (show matched lines)
isnad-scan \x3Cpath> --json         # Machine-readable JSON output
isnad-scan \x3Cpath> --cve -v       # Full audit: CVEs + verbose findings

What It Detects (69+ patterns)

Code Injection — shell execution, eval, exec, subprocess, os.system, dynamic imports Prompt Injection — role override attempts, instruction hijacking, jailbreak patterns Credential Exfiltration — env var harvesting, keychain access, token theft, file reads of sensitive paths Network Threats — reverse shells, DNS exfiltration, unauthorized outbound connections, webhook data leaks Filesystem Attacks — path traversal, symlink attacks, /etc/passwd reads, SSH key access Supply Chain — typosquatting detection, minified JS analysis, binary file scanning, hidden files Crypto Risks — weak algorithms, hardcoded keys, wallet seed extraction

When to Use

  1. Before installing a new skill — scan the skill directory first
  2. Auditing existing skills — periodic security review
  3. Reviewing PRs/contributions — catch malicious code in submissions
  4. Pre-publish validation — ensure your own skills are clean before sharing
  5. CI/CD integrationisnad-scan . --json for automated checks

Interpreting Results

🔴 CRITICAL  — Immediate threat. Do not install/run.
🟠 HIGH      — Likely malicious or dangerous. Review carefully.
🟡 MEDIUM    — Suspicious pattern. May be legitimate, verify intent.
🔵 LOW       — Informational. Common in legitimate code but worth noting.

Examples

Scan a ClawHub skill before installing:

isnad-scan ./skills/some-new-skill/

Full audit with CVE checking:

isnad-scan ./skills/some-new-skill/ --cve -v

JSON output for automation:

isnad-scan . --json | python3 -c "import sys,json; d=json.load(sys.stdin); print(f'{d[\"summary\"][\"critical\"]} critical, {d[\"summary\"][\"high\"]} high')"

Python API

from isnad_scan import scan_directory

results = scan_directory("/path/to/skill")
for finding in results.findings:
    print(f"[{finding.severity}] {finding.category}: {finding.description}")
    print(f"  File: {finding.file}:{finding.line}")

About ISNAD

ISNAD (إسناد) means "chain of transmission" — a method for verifying the authenticity of transmitted knowledge. isnad-scan is the security layer of the ISNAD Protocol, bringing trust verification to the AI agent skill ecosystem.

PyPI: pip install isnad-scan GitHub: counterspec/isnad Protocol: isnad.md

安全使用建议
This skill appears to be a thin integration for the isnad-scan tool and is coherent with its description. Before installing: (1) verify the pip package and GitHub repo (pip install isnad-scan / https://github.com/counterspec/isnad) to ensure you trust the upstream maintainer; (2) if you care about privacy, run scans on copies of sensitive data and be aware that --cve will perform network queries to OSV.dev; (3) inspect the isnad-scan package source (or GitHub) before pipx installing, since the Python import example means code will run inside your agent process; (4) confirm whether the tool performs any dynamic execution of scanned code or telemetry/remote uploads (not documented in SKILL.md). These checks will reduce risk before you give the agent permission to run the scanner.
功能分析
Type: OpenClaw Skill Name: isnad-scan Version: 1.0.0 This skill bundle is a wrapper for 'isnad-scan', a security scanner designed to detect vulnerabilities and malicious patterns in AI agent skills. The `SKILL.md` provides instructions for installing and using this scanner. There is no evidence of malicious intent, data exfiltration, unauthorized execution, or prompt injection against the agent for harmful purposes. The instructions are clear, directly related to the stated purpose of a security scanner, and do not attempt to subvert the agent or compromise the system.
能力评估
Purpose & Capability
Name/description (a scanner) matches the declared requirement: the isnad-scan binary. No unrelated env vars, config paths, or surprising binaries are requested.
Instruction Scope
SKILL.md only instructs running the scanner on a path and shows flags and a Python API. This stays within the stated purpose. Caveats: using --cve implies network queries to OSV.dev (expected for CVE checks) and the Python import example means the package code will be imported into the agent process — SKILL.md does not state whether the scanner performs any dynamic execution of scanned code or telemetry/remote submission of findings.
Install Mechanism
SKILL.md includes a pipx install entry for isnad-scan (PyPI), which is a standard mechanism. The registry metadata noted 'No install spec', creating a minor inconsistency between declared registry install specs and the SKILL.md. Installing from PyPI via pipx is moderate risk but expected for a Python tool; there are no ad-hoc downloads or unknown URLs.
Credentials
No environment variables or credentials are requested, which is proportionate to a scanner. The only external access implied is CVE lookups (public OSV.dev) and possibly GitHub/PyPI lookups referenced in the README links.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent elevated presence or attempt to modify other skills. Autonomous invocation is allowed (platform default) but not by itself a concern here.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install isnad-scan
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /isnad-scan 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Security scanner for AI agent skills — 69+ detection patterns. Detects code injection, prompt injection, credential exfiltration, supply chain attacks, and more.
元数据
Slug isnad-scan
版本 1.0.0
许可证
累计安装 2
当前安装数 1
历史版本数 1
常见问题

isnad-scan 是什么?

Scan AI agent skills for security vulnerabilities — detects code injection, prompt injection, credential exfiltration, supply chain attacks, and 69+ threat p... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 518 次。

如何安装 isnad-scan?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install isnad-scan」即可一键安装,无需额外配置。

isnad-scan 是免费的吗?

是的,isnad-scan 完全免费(开源免费),可自由下载、安装和使用。

isnad-scan 支持哪些平台?

isnad-scan 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 isnad-scan?

由 Rapi(@0xrapi)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论