skill-guardScan ClawHub skills for security vulnerabilities BEFORE installing. Use when installing new skills from ClawHub to detect prompt injections, malware payloads, hardcoded secrets, and other threats. Wraps clawhub install with mcp-scan pre-flight checks.
Install via ClawdBot CLI:
clawdbot install jamesOuttake/skill-guardThe only pre-install security gate for ClawHub skills.
| | VirusTotal (ClawHub built-in) | skillscanner (Gen Digital) | skill-guard |
|---|---|---|---|
| When it runs | After publish (server-side) | On-demand lookup | Before install (client-side) |
| What it checks | Malware signatures | Their database | Actual skill content |
| Prompt injections | ā | ā | ā |
| Data exfiltration URLs | ā | ā | ā |
| Hidden instructions | ā | ā | ā |
| AI-specific threats | ā | ā | ā |
| Install blocking | ā | ā | ā |
VirusTotal catches known malware binaries ā but won't flag .
skillscanner checks if Gen Digital has reviewed it ā but can't scan new or updated skills.
skill-guard uses mcp-scan (Invariant Labs, acquired by Snyk) to analyze what's actually in the skill, catches AI-specific threats, and blocks install if issues are found.
Skills can contain:
One bad skill = compromised agent. Your agent trusts skills implicitly.
# Instead of: clawhub install some-skill
./scripts/safe-install.sh some-skillskill-guard:
/tmp/) ā never touches your real skills folderReal example ā skill-guard flagged this malicious skill:
ā [E004]: Prompt injection detected (high risk)
ā [E006]: Malicious code pattern detected
ā [W007]: Insecure credential handling
ā [W008]: Machine state compromise attempt
ā [W011]: Third-party content exposureVirusTotal: 0/76 engines. mcp-scan caught what antivirus missed.
# Secure install (recommended)
./scripts/safe-install.sh <skill-slug>
# With version
./scripts/safe-install.sh <skill-slug> --version 1.2.3
# Force overwrite
./scripts/safe-install.sh <skill-slug> --force| Code | Meaning | Action |
|------|---------|--------|
| 0 | Clean | Skill installed ā |
| 1 | Error | Check dependencies/network |
| 2 | Threats found | Skill quarantined in /tmp/, review before deciding |
Skill stays in /tmp/skill-guard-staging/skills/ (quarantined). You can:
mv /tmp/skill-guard-staging/skills/ ~/.openclaw/workspace/skills/ rm -rf /tmp/skill-guard-staging/clawhub CLI ā npm i -g clawhubuv ā curl -LsSf https://astral.sh/uv/install.sh | shYour agent has access to your files, messages, maybe your whole machine. One malicious skill can:
Trust, but verify. Scan before you install.
Generated Mar 1, 2026
Large organizations deploying AI agents across departments use skill-guard to vet third-party skills before installation, ensuring no hidden prompt injections or data exfiltration risks compromise sensitive corporate data. This prevents unauthorized access to internal systems and maintains compliance with security policies.
Software development teams integrate skill-guard into their CI/CD pipelines to automatically scan new or updated ClawHub skills during testing phases. This catches AI-specific threats like malicious code patterns before deployment, reducing the risk of supply chain attacks in production environments.
Academic institutions and researchers use skill-guard to safely experiment with diverse ClawHub skills for AI agent projects, blocking installations that contain hardcoded secrets or toxic flows. This protects student data and research integrity from potential breaches or manipulation.
Independent consultants and small agencies leverage skill-guard to securely install skills for client projects, verifying content for prompt injections and hidden instructions to prevent agent compromise. This builds trust with clients by ensuring reliable and safe AI functionality.
Open source contributors and maintainers use skill-guard to review community-submitted skills for security vulnerabilities before integration into shared repositories. This helps maintain project safety by catching threats like malware payloads early in the contribution process.
Offer a free basic version of skill-guard for individual users with limited scans, and a paid tier for enterprises with advanced features like batch scanning, detailed reporting, and priority support. Revenue comes from subscription fees and custom integration services.
License skill-guard to large corporations as part of their AI security suite, providing volume discounts and dedicated support. Revenue is generated through annual licensing contracts and optional training or consulting packages for deployment.
Partner with ClawHub and other AI platform providers to bundle skill-guard as a default security feature, earning revenue through referral fees or revenue-sharing agreements. This model leverages existing user bases to drive adoption and monetization.
š¬ Integration Tip
Integrate skill-guard into your existing workflow by replacing direct clawhub install commands with the safe-install script, and set up automated scans in development environments to catch threats early.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible - new checks can be added by updating this skill's knowledge.
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
Security check for ClawHub skills powered by Koi. Query the Clawdex API before installing any skill to verify it's safe.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.