← 返回 Skills 市场
Skill Auditor v2
作者
aiwithabidi
· GitHub ↗
· v2.0.0
619
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install skill-auditor-v2
功能描述
Security scanner for OpenClaw skills. Detects malicious code, obfuscated payloads, prompt injection, social engineering, typosquatting, and data exfiltration...
安全使用建议
This skill appears to be what it says: a Python-based auditor plus a shell quarantine helper. Before running it, review the bundled audit_skill.py (it will scan files and may fetch remote slugs) and quarantine.sh yourself, and run them in an isolated environment (container or VM) on untrusted skills. Be aware the --slug mode will perform network fetches to retrieve remote skills — if you need to avoid network I/O, run the auditor only against local directories. Confirm the default production directory in quarantine.sh matches your environment before approving any automatic copy/installation, and inspect audit-report.json results before installing any audited skill. The pre-scan prompt-injection flag is explained by the auditor including a list of injection signatures; this is expected but always worth a quick manual check because such patterns could be abused if the skill were modified by a malicious actor.
功能分析
Type: OpenClaw Skill
Name: skill-auditor-v2
Version: 2.0.0
The OpenClaw AgentSkills skill 'skill-auditor-v2' is a security scanner designed to detect malicious code, prompt injection, and data exfiltration in other skills. All analyzed files (code and documentation) are consistent with this stated purpose. The `audit_skill.py` script implements various detection layers, including static analysis, deobfuscation, and threat intelligence, but these are for *detecting* threats in *other* skills, not for performing malicious actions itself. The `quarantine.sh` script orchestrates the audit and offers conditional installation of *other* skills after explicit user confirmation. The use of `subprocess.run` to execute `clawhub inspect` for fetching remote skills is a legitimate function for an auditor and is implemented in a manner that mitigates direct shell injection (passing arguments as a list). No evidence of intentional harmful behavior, data exfiltration, backdoors, or prompt injection against the agent by *this* skill was found.
能力评估
Purpose & Capability
Name/description indicate a security scanner; required binary is only python3; included files (audit_skill.py, quarantine.sh, IoC DB and pattern docs) match that purpose. Nothing in metadata asks for unrelated cloud credentials or system-wide privileges.
Instruction Scope
SKILL.md instructs the agent to run the included Python scanner or the quarantine shell script against a provided skill path or slug. The doc and reference files include prompt‑injection signatures (e.g., 'ignore previous instructions') which triggered a pre-scan warning — this appears to be part of the scanner's rule set (expected) rather than an attempt to override the evaluator. The scanner may fetch remote skills when run with --slug (network I/O) — this is expected for a tool that audits remote packages, but you should be aware it will contact ClawHub or whatever remote endpoint the script implements.
Install Mechanism
No installer or external download is declared. This is instruction + code bundled in the skill. No remote archive downloads or extract steps are performed by the registry metadata. Running the tools will execute local Python code only.
Credentials
The skill declares no required environment variables or credentials. The scanner contains detection rules to look for many API‑key patterns and config paths but does not itself require any external secrets to operate.
Persistence & Privilege
The skill is not always-enabled, does not request persistent system changes in metadata, and the quarantine script only copies quarantined files into a production directory if the user explicitly consents. No elevated platform privileges are requested in metadata.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skill-auditor-v2 - 安装完成后,直接呼叫该 Skill 的名称或使用
/skill-auditor-v2触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.0.0
Merged best of 3 auditors: Python static analysis + deobfuscation + 0-100 scoring + MITRE ATT&CK + IoC database + social engineering detection + typosquat checks + zero-width char detection
元数据
常见问题
Skill Auditor v2 是什么?
Security scanner for OpenClaw skills. Detects malicious code, obfuscated payloads, prompt injection, social engineering, typosquatting, and data exfiltration... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 619 次。
如何安装 Skill Auditor v2?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-auditor-v2」即可一键安装,无需额外配置。
Skill Auditor v2 是免费的吗?
是的,Skill Auditor v2 完全免费(开源免费),可自由下载、安装和使用。
Skill Auditor v2 支持哪些平台?
Skill Auditor v2 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Skill Auditor v2?
由 aiwithabidi(@aiwithabidi)开发并维护,当前版本 v2.0.0。
推荐 Skills