securityclaw
Security-first skill auditing and quarantine for OpenClaw skills. Use when installing new skills, reviewing skills from unknown sources, scanning skills for prompt injection/exfiltration/supply-chain risks, or when a bot suspects a skill is malicious. Guides static + optional sandbox checks, quarantines suspicious skills, and produces an owner-action checklist (Delete / Report / Allow / Scan all).
Install via ClawdBot CLI:
clawdbot install mallen-lbx/securityclaw
Run the scanner (read-only by default):
python3 scripts/securityclaw_scan.py --skills-dir ~/.openclaw/skills --out report.json
Quarantine anything suspicious (moves folders, no deletion):
python3 scripts/securityclaw_scan.py --skills-dir ~/.openclaw/skills --quarantine-dir ~/.openclaw/skills-quarantine --quarantine --out report.json
If the report shows severity >= high for any skill:
1) Do not execute the skill.
2) Quarantine the skill folder.
3) Notify the owner with:
4) Await owner instruction:
Dynamic checks are optional and should run only after owner approval.
See references/sandboxing.md.
scripts/securityclaw_scan.py — main scanner + quarantine
references/rules.md — rule catalog (what we flag and why)
references/sandboxing.md — safe sandbox strategy + what to avoid
Generated Mar 1, 2026
When integrating third-party or community-developed skills into an OpenClaw environment, this skill scans for prompt injection, exfiltration, and supply-chain risks before deployment. It ensures that new additions do not compromise system security by performing static analysis and optionally quarantining suspicious code.
Periodically scan all installed skills to detect vulnerabilities or malicious changes introduced over time. This helps maintain a secure AI ecosystem by identifying and isolating compromised skills based on severity levels, preventing unauthorized data access or system exploitation.
When unusual behavior or performance issues suggest a skill might be malicious, this tool quickly audits and quarantines the suspect skill. It provides actionable reports with file and line details, enabling swift owner notification and remediation steps like deletion or reporting.
Ensure that all AI skills comply with organizational security policies and regulatory standards. The skill generates audit trails and checklists for actions such as allowlisting or deletion, supporting governance frameworks in regulated industries like finance or healthcare.
Offer ongoing security scanning and quarantine services for OpenClaw skill repositories on a monthly or annual subscription basis. Revenue is generated through tiered plans based on the number of skills scanned, frequency of audits, and access to advanced features like sandboxing.
Provide professional services to help organizations integrate and customize the SecurityClaw skill into their existing AI infrastructure. Revenue comes from one-time setup fees, training sessions, and ongoing support contracts for complex deployments or dynamic sandboxing implementations.
Distribute the basic scanning functionality for free to attract users, then monetize through premium add-ons such as advanced sandboxing, detailed reporting dashboards, or automated owner notification systems. Revenue is driven by upsells to power users and enterprises.
💬 Integration Tip
Ensure the skills directory path is correctly specified in the scan command, and consider setting up automated cron jobs for regular scans to maintain continuous security monitoring.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible - new checks can be added by updating this skill's knowledge.
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
Security check for ClawHub skills powered by Koi. Query the Clawdex API before installing any skill to verify it's safe.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.