OpenScan

Scan binaries and scripts for malicious patterns before trusting them. Use when installing skills, evaluating unknown binaries, or auditing tool dependencies.

This skill appears to implement what it advertises (static scanning) and has no credential requests, but exercise caution before using it on untrusted inputs or integrating it automatically: 1) The code runs a shell command (codesign) with an interpolated file path via execSync — that can be abused if an attacker controls a filename. Prefer a patched version that uses child_process.execFile / spawn with an args array or properly escapes/sanitizes paths. 2) The scanner reads file contents and computes hashes; do not run it on directories containing secrets unless you trust its environment. 3) There's a small metadata inconsistency (homepage vs package repository); verify origin (author/repo) before trusting. Recommended actions: review/patch the codesign invocation, run the tool in an isolated environment (container/VM) until patched, or only scan files from trusted sources.

Type: OpenClaw Skill Name: openscan Version: 1.0.0 The OpenScan skill is a security tool designed to scan binaries and scripts for malicious patterns. Its code legitimately uses file system access (`fs`) to read files and directories for analysis, and `child_process.execSync` to run `codesign --verify` on macOS, which is a necessary function for its stated purpose of checking code signatures. The skill's documentation (SKILL.md, README.md) and code do not contain any prompt injection attempts against the AI agent, nor do they exhibit any malicious behaviors such as data exfiltration, unauthorized network communication, or persistence mechanisms. All identified high-risk capabilities are directly aligned with the skill's security scanning functionality.