SecurityClaw

Security-first skill auditing and quarantine for OpenClaw skills. Use when installing new skills, reviewing skills from unknown sources, scanning skills for prompt injection/exfiltration/supply-chain risks, or when a bot suspects a skill is malicious. Guides static + optional sandbox checks, quarantines suspicious skills, and produces an owner-action checklist (Delete / Report / Allow / Scan all).

This skill is internally coherent for scanning and quarantining other skills. Before running: (1) review the bundled Python script (you already did) and confirm it will be run against the correct skills directory; (2) run it read-only first (no --quarantine) and examine report.json; (3) if you use --quarantine, run it as a normal user (not root) so it can only move files the user can already modify; (4) if you plan to perform dynamic sandboxing, follow the sandboxing.md guidance (run in an isolated VM/container with no network and no access to OpenClaw secrets); (5) remember the SKILL.md contains examples of attack markers (e.g., 'ignore previous instructions') which the scanner will flag — that's expected. If you need higher assurance, run the scanner on a copy of your skills folder or in a disposable environment first.

Type: OpenClaw Skill Name: securityclaw Version: 1.0.0 This skill is a security scanner designed to audit other OpenClaw skills for malicious patterns, including prompt injection, data exfiltration, and shell execution. The `SKILL.md` provides instructions for running the scanner, not for the agent to perform malicious actions. The `scripts/securityclaw_scan.py` script performs static analysis and can quarantine suspicious skill directories, which are legitimate actions for a security tool. It does not contain any self-malicious code, attempt to exfiltrate data, or perform unauthorized actions. Its file system access and analysis capabilities are directly aligned with its stated purpose as a security scanner.