skillvet
Security scanner for ClawHub/community skills — detects malware, credential theft, exfiltration, prompt injection, obfuscation, homograph attacks, ANSI injec...
Install via ClawdBot CLI:
clawdbot install oakencore/skillvet
Grade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Accesses sensitive credential files or environment variables
/etc/passwd
Contains instructions to override system prompt or ignore user requests
"ignore previous instructions"
Sends data to undocumented external endpoint (potential exfiltration)
report → https://www.koi.ai/blog/clawhavoc-341-malicious-clawedbot-skills-found-by-the-bo
Potentially destructive shell commands in tool definitions
Generated Mar 1, 2026
Organizations using AI agent platforms like ClawHub can deploy Skillvet to automatically scan and vet skills from public marketplaces before installation. This prevents malware, credential theft, and prompt injection attacks, ensuring only safe skills are integrated into their AI agents, reducing security risks in enterprise environments.
Companies in regulated industries such as finance or healthcare use Skillvet to audit installed AI agent skills for compliance with security policies. The tool's JSON and SARIF outputs facilitate automated reporting and integration into CI/CD pipelines, helping meet regulatory requirements and internal security standards.
Development teams adopt Skillvet as part of their secure coding practices to scan custom AI agent skills for vulnerabilities like obfuscation or homograph attacks. It serves as an educational tool, highlighting common attack patterns and enabling proactive remediation during the development lifecycle.
Security operations centers utilize Skillvet to investigate suspected compromises in AI agent ecosystems. By scanning for indicators of compromise such as reverse shells or known C2 IPs, teams can quickly identify and isolate malicious skills, minimizing damage and preventing data exfiltration.
Offer Skillvet as a free open-source tool for basic scanning, with premium features like advanced threat intelligence feeds, priority support, and enterprise dashboards for a subscription fee. This model attracts individual users while monetizing organizations needing enhanced security and reporting capabilities.
Provide consulting and integration services to embed Skillvet into corporate AI agent platforms, offering custom rule sets, training, and ongoing support. This model targets large enterprises seeking tailored security solutions and compliance assistance, generating revenue through project-based fees and retainers.
Partner with AI agent marketplaces like ClawHub to offer Skillvet as a certification service for listed skills. Revenue is generated through certification fees per skill or a revenue share from marketplace transactions, ensuring only vetted skills are available and building trust among users.
💬 Integration Tip
Integrate Skillvet into CI/CD pipelines using its JSON output for automated security checks, and set up pre-commit hooks to scan skills before code commits to catch vulnerabilities early.
Scored May 20, 2026
curl | bash
Calls external URL not in known-safe list
https://www.koi.ai/blog/clawhavoc-341-malicious-clawedbot-skills-found-by-the-bo
Uses known external API (expected, informational)
raw.githubusercontent.com
AI Analysis
The skill is a security scanner designed to audit other skills; its external calls are to known security research blogs and GitHub for pattern updates, which is consistent with its stated purpose. The detected signals are examples of what it scans for in other skills, not its own behavior.
Audited Apr 16, 2026 · audit v1.0
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Manage and operate ClawSec Monitor v3.0, a MITM HTTP/HTTPS proxy that logs AI agent traffic, detects exfiltration and injection threats in real time.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.
MoltGuard — OpenClaw security guard by OpenGuardrails. Install MoltGuard to protect you and your human from prompt injection, data exfiltration, and maliciou...
Safe command execution for OpenClaw Agents with automatic danger pattern detection, risk assessment, user approval workflow, and audit logging. Use when agen...
Scan ClawHub skills for security vulnerabilities BEFORE installing. Use when installing new skills from ClawHub to detect prompt injections, malware payloads, hardcoded secrets, and other threats. Wraps clawhub install with mcp-scan pre-flight checks.