← 返回 Skills 市场
Skill Auditor
作者
Ruben Quispe
· GitHub ↗
· v2.1.3
2726
总下载
1
收藏
20
当前安装
7
版本数
在 OpenClaw 中安装
/install skill-auditor
功能描述
Security scanner that catches malicious skills before they steal your data. Detects credential theft, prompt injection, and hidden backdoors. Works immediately with zero setup. Optional AST dataflow analysis traces how your data moves through code.
安全使用建议
This package appears internally consistent with its stated role as a local security scanner. Before running it: 1) Inspect scripts/setup.js and scripts/scan-skill.js (they are present) to confirm the setup wizard does not run unexpected network commands or install remote code automatically. 2) Run the tool in an isolated environment (VM/temporary container) first, especially before enabling auto-scan. 3) If you plan to use VirusTotal or the LLM features, provide those API keys only if you trust the repository; agree to their privacy implications. 4) Verify the repository/origin (the package.json repo points to a GitHub URL) and check commit history or upstream project to increase confidence. 5) If you want higher assurance, ask the publisher for a signed release or checksum; absence of a homepage / known publisher keeps overall confidence at medium.
功能分析
Type: OpenClaw Skill
Name: skill-auditor
Version: 2.1.3
The OpenClaw AgentSkills skill bundle 'skill-auditor' is a security scanner designed to detect malicious behavior in other skills. Its code and documentation consistently align with this stated purpose. All seemingly 'risky' capabilities, such as file system access, network requests, shell execution, and LLM interaction, are implemented to analyze and audit other skills, not to perform malicious actions against the user or the OpenClaw agent. For example, `scripts/analyzers/static.js` defines extensive regex patterns to detect prompt injection, data exfiltration, and persistence mechanisms, but these patterns are used for detection, not execution by the auditor itself. The setup script creates benign shell hooks to automate scanning of newly installed skills, providing user control over warnings. There is no evidence of intentional harmful behavior by this skill.
能力评估
Purpose & Capability
Name/description match the actual contents: many analyzer scripts (AST, static, virustotal, llm-semantic, scan-url, format-report) are present and expected for a security scanner. Optional features (AST, VirusTotal, LLM) are declared and implemented as optional dependencies.
Instruction Scope
SKILL.md instructs the agent/user to scan local skill directories, audit installed skills, optionally enable AST/Tree-sitter, and optionally use VirusTotal/LLM. These actions legitimately require reading skill files and making network requests when asked. However, the docs also contain prompt-injection examples and guidance (expected for a scanner) which triggered a pre-scan injection signal — verify that these are explanatory examples and not instructions that will be executed by the agent.
Install Mechanism
No automatic installer is provided (no download/execute URL). The tool is a Node.js project with scripts you run locally; optional Python/tree-sitter and optional npm modules are listed. No high-risk remote install URLs or shorteners are present in the package metadata.
Credentials
The skill declares no required environment variables. Optional features request a VIRUSTOTAL_API_KEY and an OpenClaw gateway for LLM analysis — both are proportional to the described optional features. The scanner will read files and env-vars inside scanned skills (that's its purpose) but does not request unrelated credentials.
Persistence & Privilege
always:false and model invocation allowed by default. The setup wizard saves preferences to ~/.openclaw/skill-auditor.json and can optionally enable auto-scan (opt-in). The skill does not request always:true or system-wide config modifications in SKILL.md.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skill-auditor - 安装完成后,直接呼叫该 Skill 的名称或使用
/skill-auditor触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.1.3
Removed test malicious files that triggered ClawHub security scan
v2.1.2
Improved setup wizard - explains each feature with test data, asks one-by-one, offers to audit all skills
v2.1.1
v2.1.1 - Setup wizard, audit-all command, fewer false positives, cross-platform support
v2.1.0
Setup wizard with opt-in features, audit-all command scans every installed skill, fewer false positives on legitimate skills, cross-platform tree-sitter install
v1.2.0
Improved intent matching: docs/badge URLs ignored, better purpose-keyword recognition, accuracy scoring fix
v1.1.0
Smarter context-aware analysis + simpler UX
v1.0.0
Initial release - Security scanner for Moltbot/OpenClaw skills
元数据
常见问题
Skill Auditor 是什么?
Security scanner that catches malicious skills before they steal your data. Detects credential theft, prompt injection, and hidden backdoors. Works immediately with zero setup. Optional AST dataflow analysis traces how your data moves through code. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2726 次。
如何安装 Skill Auditor?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-auditor」即可一键安装,无需额外配置。
Skill Auditor 是免费的吗?
是的,Skill Auditor 完全免费(开源免费),可自由下载、安装和使用。
Skill Auditor 支持哪些平台?
Skill Auditor 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Skill Auditor?
由 Ruben Quispe(@rubenaquispe)开发并维护,当前版本 v2.1.3。
推荐 Skills