skill-auditor-pro审查 ClawHub skills 的安全性,检测恶意代码、可疑模式和社工攻击。在安装任何第三方 skill 前使用此工具进行安全检查。
Install via ClawdBot CLI:
clawdbot install sypsyp97/skill-auditor-proAudit ClawHub skills for security threats before installing them.
Use this skill when:
# Inspect without installing
clawhub inspect <skill-name>
# Run the audit script
~/.openclaw/workspace/skills/skill-auditor/scripts/audit.sh <skill-name>~/.openclaw/workspace/skills/skill-auditor/scripts/audit.sh --local <skill-path>| Severity | Pattern | Risk |
|----------|---------|------|
| 🔴 High | base64.\|.bash | Encoded execution |
| 🔴 High | curl.\|.bash | Remote script execution |
| 🔴 High | eval\( / exec\( | Dynamic code execution |
| 🔴 High | Known C2 server IPs | Malicious communication |
| 🟡 Medium | Access to ~/.openclaw/ | Config theft |
| 🟡 Medium | Reads $API_KEY etc. | Credential leakage |
| 🟡 Medium | Social engineering keywords | User deception |
| 🟢 Low | Requires sudo | Elevated privileges |
Automatically decodes hidden malicious payloads:
\x41\x42 format stringsUses Gemini CLI to analyze suspicious code intent:
gemini CLI installed91.92.242.30 # ClawHavoc primary serverglot.io # Hosts obfuscated scripts
webhook.site # Data exfiltration endpointOpenClawDriver # Non-existent "driver"
ClawdBot Driver # Social engineering lure
Required Driver # Tricks users into installing malware═══════════════════════════════════════════
SKILL AUDIT REPORT: <skill-name>
═══════════════════════════════════════════
🔴 HIGH RISK FINDINGS:
[LINE 23] base64 encoded execution detected
[LINE 45] curl|bash pattern found
🟡 MEDIUM RISK FINDINGS:
[LINE 12] Accesses ~/.openclaw/ directory
🟢 LOW RISK FINDINGS:
[LINE 5] Requires sudo for installation
═══════════════════════════════════════════
VERDICT: ❌ DO NOT INSTALL
═══════════════════════════════════════════Update this skill when new threats are discovered:
MALICIOUS_IPSMALICIOUS_DOMAINSSOCIAL_ENGINEERINGUpdate location: variable definitions at the top of scripts/audit.sh
Generated Mar 1, 2026
Large organizations using ClawHub skills for automation can deploy Skill Auditor Pro to vet third-party skills before deployment, ensuring compliance with internal security policies and preventing data breaches from malicious code. It helps IT teams maintain a secure skill ecosystem by automatically scanning for threats like credential leakage or unauthorized access.
Platforms hosting ClawHub skills can integrate this tool to audit submissions from developers, providing a security certification badge for safe skills. This builds user trust by filtering out malicious content, such as social engineering lures or obfuscated payloads, before they reach end-users.
Cybersecurity training programs can use Skill Auditor Pro as a hands-on tool to teach students about threat detection in AI ecosystems. Students analyze real-world skill code for patterns like base64 encoding or C2 server IPs, enhancing practical skills in security auditing and malware analysis.
Open source projects relying on ClawHub skills for automation can incorporate this tool into their CI/CD pipelines to automatically audit dependencies. This prevents the introduction of vulnerabilities, such as dynamic code execution or config theft, during updates or new skill integrations.
Offer a free basic version for individual users with limited scans, and charge for premium features like advanced LLM analysis, team collaboration tools, and priority support. Revenue comes from monthly subscriptions, targeting small to medium businesses needing enhanced security audits.
Sell annual licenses to large enterprises for unlimited audits, custom threat intelligence feeds, and integration with existing security systems. This model includes dedicated support and regular updates for new IoCs, generating high-value contracts from sectors like finance or healthcare.
Partner with ClawHub or similar platforms to provide built-in auditing services, earning revenue through revenue-sharing agreements or per-scan fees. This leverages the platform's user base to drive adoption, with monetization based on the volume of skills audited and certified.
💬 Integration Tip
Integrate Skill Auditor Pro into CI/CD pipelines using its command-line scripts for automated pre-install audits, and ensure the gemini CLI is installed if leveraging optional LLM analysis for deeper threat detection.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible - new checks can be added by updating this skill's knowledge.
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
Security check for ClawHub skills powered by Koi. Query the Clawdex API before installing any skill to verify it's safe.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.