← 返回 Skills 市场

Scan Skill

Name: Scan Skill
Author: itsnishi

作者 ItsNishi · GitHub ↗ · v1.1.1 · MIT-0

cross-platform ⚠ suspicious

1422

总下载

当前安装

版本数

在 OpenClaw 中安装

/install scan-skill

功能描述

Deep security analysis of an individual skill before installation

安全使用建议

This skill appears to do exactly what it says: run a local scanner on a skill directory. Before using it, (1) review the bundled scripts yourself (you have them in the package) to confirm they don't execute code from scanned projects, (2) run the scanner in a sandbox or with least-privilege access if you will scan untrusted repositories, and (3) only point it at directories you intend to expose to a scanner (it will read files and report secrets it finds). The presence of 'Bash' in allowed-tools is explainable (the scanner runs via a shell command) and is mitigated by disable-model-invocation: true, but if you prefer extra caution, run the included python script manually in your environment rather than granting tool execution to an agent.

功能分析

Type: OpenClaw Skill Name: scan-skill Version: 1.1.1 The scan-skill bundle is a security auditing tool designed to perform deep analysis of other OpenClaw skills for vulnerabilities and malicious patterns. It utilizes a comprehensive database of detection signatures in scripts/patterns.py and a scanning engine in scripts/scan_skill.py to identify risks such as prompt injection, data exfiltration, and supply chain attacks. While the tool requires Bash access and performs network requests to verify package legitimacy on PyPI/npm, its behavior is transparently documented, aligned with its defensive purpose, and includes security best practices like disabling model auto-invocation in SKILL.md.

能力评估

✓ Purpose & Capability

Name/description claim a pre-install scanner and the package contains a scanner (scripts/scan_skill.py) plus a pattern database (scripts/patterns.py). The allowed tools (Read, Glob, Grep, Bash) and the instruction to run the included python scanner are consistent with scanning a skill directory.

ℹ Instruction Scope

SKILL.md instructs the agent (or user) to run the included python scanner against a target skill directory. The scanner reads all files under the provided directory and reports findings (including secrets). That file I/O is expected for this purpose, but be aware the tool will enumerate and print contents from whatever path you point it at — so only scan directories you intend to inspect.

✓ Install Mechanism

No install spec — instruction-only with bundled scripts. The scanner code is included directly in the skill (no external downloads or package installs), which is proportionate for a local analysis tool.

✓ Credentials

The skill requests no environment variables or external credentials. The pattern database contains regexes to detect secrets, but the skill itself does not require or access secrets from your environment.

✓ Persistence & Privilege

Registry flags show disable-model-invocation: true and always is false. The skill is not auto-invocable and does not request persistent/system-wide changes. It does not attempt to modify other skills' configs in the provided code.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install scan-skill
安装完成后，直接呼叫该 Skill 的名称或使用 /scan-skill 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.1.1

- Expand pattern database from ~70 to 151 patterns across 15 categories - Add 5 new categories: code_before_review, config_backdoor, memory_corruption, confused_delegation, persistence - Add live package verification -- pip/npm install commands checked against PyPI/npm in real time - Non-existent packages flagged CRITICAL (slopsquatting/hallucination detection) - New coverage: reverse shells, cloud IMDS, env var hijacking, persistence mechanisms, dependency confusion, GitHub Actions poisoning, 16+ obfuscation techniques - Document advisory hook behavior in SKILL.md

v1.1.0

- Added detailed documentation about advisory PreToolUse hooks in `.claude/settings.json` that warn on dangerous Bash and Write tool operations. - Clarified that scan-skill serves as the detection layer, with hooks providing supplementary runtime warnings. - Included guidance on how to enforce blocking (by returning `{"decision": "block"}`) instead of warnings. - No changes to the skill's functionality or code.

v1.0.0

Initial release of scan-skill: an individual skill security analyzer. - Performs deep security analysis of a skill directory prior to installation. - Checks for injection techniques, hidden commands, and dangerous field combinations in SKILL.md. - Analyzes scripts, permissions, encoding/obfuscation patterns, and dynamic context usage. - Produces a structured, severity-ranked report with recommendations and a file inventory. - Intended for pre-installation review of public, external, or contributed skills.

元数据

Slug scan-skill

版本 1.1.1

许可证 MIT-0

累计安装 3

当前安装数 2

历史版本数 3

常见问题

Scan Skill 是什么？

Deep security analysis of an individual skill before installation. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 1422 次。

如何安装 Scan Skill？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install scan-skill」即可一键安装，无需额外配置。

Scan Skill 是免费的吗？

是的，Scan Skill 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Scan Skill 支持哪些平台？

Scan Skill 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Scan Skill？

由 ItsNishi（@itsnishi）开发并维护，当前版本 v1.1.1。