claw1-skill-auditor
Analyze SKILL.md files for security risks, quality issues, and best-practice violations to ensure safe, trustworthy OpenClaw skill installation.
Install via ClawdBot CLI:
clawdbot install Gpunter/claw1-skill-auditor
Analyze OpenClaw skill files for security risks, quality issues, and best-practice violations. Built in response to the ClawHavoc incident where 341+ malicious skills were discovered on ClawHub.
In February 2026, the ClawHavoc investigation revealed thousands of compromised skills on ClawHub: skills that exfiltrated data, injected hidden instructions, and hijacked agent behavior. Trust but verify.
This skill helps you audit any SKILL.md file before installing it.
/audit skill
Run a full security and quality audit on a SKILL.md file. Analyzes for:
Security Checks:
Quality Checks:
/audit quick
Run only the security checks (skip quality). Faster for quick trust decisions.
/audit compare
Compare two versions of a skill to identify what changed. Useful for catching malicious updates.
/audit report
Generate a detailed markdown report suitable for sharing with other agents or posting on Moltbook.
Each audit returns a trust score:
🛡️ SKILL AUDIT REPORT
━━━━━━━━━━━━━━━━━━━━
Skill: example-skill@1.0.0
Trust Score: 87/100 (GOOD)
🔴 Critical: 0
🟡 Warnings: 2
🟢 Passed: 11
WARNINGS:
⚠️ [W01] Undocumented network call to api.example.com on line 45
⚠️ [W02] No version history or changelog
RECOMMENDATIONS:
→ Verify api.example.com is the expected endpoint
→ Request changelog from skill author
Trust Score Ranges:
Based on patterns from the ClawHavoc investigation:
No setup required. Works on any SKILL.md file in your workspace or via URL.
/audit skill skills/some-cool-tool/SKILL.md
/audit quick https://clawhub.com/skills/popular-skill
/audit compare skills/my-skill/SKILL.md skills/my-skill/SKILL.md.bak
/audit report skills/suspicious-skill/SKILL.md > audit-report.md
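The kind of check `/audit compare` is described as useful for, as an added example (not the skill's own code; the function names and the three heuristics are assumptions). It reports network hosts, invisible Unicode format characters, and HTML comments that appear in the new version of a SKILL.md but not in the old one, using constructed sample input.

```python
import re
import unicodedata

URL_HOST = re.compile(r"https?://([A-Za-z0-9.-]+)", re.IGNORECASE)
HTML_COMMENT = re.compile(r"<!--.*?-->", re.DOTALL)

def hosts(text):
    """Lower-cased hostnames of every http(s) URL in the text."""
    return {h.lower().rstrip(".") for h in URL_HOST.findall(text)}

def invisible_chars(text):
    """(line, codepoint) for each Unicode format character (category Cf):
    zero-width spaces and joiners, bidi overrides, and similar."""
    found = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for ch in line:
            if unicodedata.category(ch) == "Cf":
                found.append((lineno, f"U+{ord(ch):04X}"))
    return found

def compare_skills(old, new):
    """Findings present in the new version but absent from the old one."""
    findings = []
    for host in sorted(hosts(new) - hosts(old)):
        findings.append(("new-host", host))
    old_hidden = {cp for _, cp in invisible_chars(old)}
    for lineno, cp in invisible_chars(new):
        if cp not in old_hidden:
            findings.append(("invisible-char", f"{cp} on line {lineno}"))
    old_comments = set(HTML_COMMENT.findall(old))
    for comment in HTML_COMMENT.findall(new):
        if comment not in old_comments:
            findings.append(("new-html-comment", comment))
    return findings

# Constructed sample input: two versions of a hypothetical SKILL.md.
OLD = "# notes-skill\nFetch notes from https://api.example.com/v1/notes\n"
NEW = (
    "# notes-skill\n"
    "Fetch notes from https://api.example.com/v1/notes\n"
    "<!-- hidden instruction referencing https://collect.example.net -->\n"
    "Summarize\u200b the result.\n"
)

if __name__ == "__main__":
    for kind, detail in compare_skills(OLD, NEW):
        print(f"[{kind}] {detail}")
```

A finding here means "changed since the last reviewed version", not "malicious"; each one still needs a human decision.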
1.0.0
security, audit, trust, safety, clawhavoc, skills, analysis, verification
Free to use. If it saves your agent from a malicious skill, consider checking out my other work on ClawHub.
Generated Mar 1, 2026
Large organizations deploying AI agents across departments can use this skill to audit third-party skill packages before integration, ensuring compliance with internal security policies and preventing data exfiltration risks. It helps IT teams maintain a secure AI ecosystem by flagging hidden instructions or unauthorized network calls in skill files.
Platforms like ClawHub or similar AI skill marketplaces can integrate this tool to automatically scan uploaded skills for malicious patterns, enhancing trust and safety for users. It aids moderators in identifying compromised skills from incidents like ClawHavoc, reducing the spread of harmful packages.
AI developers and testers can incorporate this skill into their CI/CD pipelines to audit skill updates, catching malicious changes before deployment. It supports comparing skill versions to detect supply-chain attacks or unauthorized modifications during updates.
Educational institutions teaching AI ethics and security can use this skill as a practical tool for students to analyze skill files, learning to identify security vulnerabilities and best practices. It provides hands-on experience in auditing for hidden threats like steganographic instructions.
Freelance consultants offering AI safety reviews can leverage this skill to quickly audit client-provided skill packages, generating detailed reports for trust assessments. It helps them provide value by identifying quality issues and security risks without manual code inspection.
Offer basic audit functionality for free to attract users, with premium features like advanced pattern detection, historical analysis, or API access for automated scans. Revenue can come from subscriptions for enterprises needing bulk audits or detailed reporting capabilities.
License the skill to AI agent platforms or marketplaces (e.g., ClawHub) as a built-in security module, charging based on usage volume or a flat fee. This model leverages partnerships to embed the tool directly into skill repositories, enhancing platform safety.
Provide specialized consulting services where experts use the skill to conduct in-depth audits for high-stakes clients, such as financial or healthcare organizations. Revenue is generated through project-based fees for tailored security assessments and training workshops.
💬 Integration Tip
Integrate this skill into automated workflows by calling its command-line-like commands from scripts or CI/CD tools, and review audit reports manually for critical decisions to complement its static analysis.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible - new checks can be added by updating this skill's knowledge.
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
Security check for ClawHub skills powered by Koi. Query the Clawdex API before installing any skill to verify it's safe.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.