{ "schemaVersion": "1.0", "item": { "slug": "skill-defender", "name": "Skill Defender", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/itsclawdbro/skill-defender", "canonicalUrl": "https://clawhub.ai/itsclawdbro/skill-defender", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/skill-defender", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=skill-defender", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md", "references/threat-patterns.md", "scripts/aggregate_scan.py", "scripts/scan_skill.py" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-05-07T17:22:31.273Z", "expiresAt": "2026-05-14T17:22:31.273Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-annual-report", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-annual-report", "contentDisposition": "attachment; filename=\"afrexai-annual-report-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/skill-defender" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/skill-defender", "agentPageUrl": "https://openagent3.xyz/skills/skill-defender/agent", "manifestUrl": "https://openagent3.xyz/skills/skill-defender/agent.json", "briefUrl": "https://openagent3.xyz/skills/skill-defender/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Automatic Triggers", "body": "New skill installed — Immediately run scan_skill.py against it before allowing use\nSkill updated — Re-scan after any file changes in a skill directory\nPeriodic audit — Run batch scan on all installed skills when requested" }, { "title": "Manual Triggers", "body": "User says \"scan skill X\" → scan that specific skill\nUser says \"scan all skills\" → batch scan all skills\nUser says \"security check\" or \"audit skills\" → same as above" }, { "title": "scripts/scan_skill.py — Single Skill Scanner", "body": "Scans one skill directory for malicious patterns. Produces JSON or human-readable output." }, { "title": "scripts/aggregate_scan.py — Batch Scanner", "body": "Scans ALL installed skills and produces a single JSON report. Includes a built-in allowlist to reduce false positives from security-related skills, API skills, and other known-safe patterns." }, { "title": "How to Run", "body": "# Scan a single skill (human-readable)\npython3 scripts/scan_skill.py /path/to/skill-dir\n\n# Scan a single skill (JSON output)\npython3 scripts/scan_skill.py /path/to/skill-dir --json\n\n# Scan ALL installed skills (JSON aggregate report)\npython3 scripts/aggregate_scan.py\n\n# With custom skills directory\npython3 scripts/aggregate_scan.py --skills-dir /path/to/skills\n\n# With verbose warnings\npython3 scripts/scan_skill.py /path/to/skill-dir --verbose\n\n# Exclude false positives\npython3 scripts/scan_skill.py /path/to/skill-dir --exclude \"pattern1\" \"pattern2\"" }, { "title": "Exit Codes (scan_skill.py)", "body": "0 = clean or informational only\n1 = suspicious (medium/high findings)\n2 = dangerous (critical findings)\n3 = error" }, { "title": "Output Format (aggregate_scan.py)", "body": "{\n \"skills\": [\n {\n \"name\": \"skill-name\",\n \"verdict\": \"clean|suspicious|dangerous|error\",\n \"findingsCount\": 0,\n \"findings\": []\n }\n ],\n \"summary\": \"All 37 skills passed with no significant issues.\",\n \"totalSkills\": 37,\n \"cleanCount\": 37,\n \"suspiciousCount\": 0,\n \"dangerousCount\": 0,\n \"errorCount\": 0,\n \"timestamp\": \"2026-02-02T06:00:00+00:00\"\n}" }, { "title": "Auto-Detection", "body": "Both scripts auto-detect paths:\n\nSkills directory: Detected from script location (walks up to find skills/ parent), falls back to ~/clawd/skills, ~/skills, ~/.openclaw/skills\nScanner script: aggregate_scan.py finds scan_skill.py co-located in the same directory" }, { "title": "✅ Clean (verdict: \"clean\")", "body": "No action needed — skill is safe" }, { "title": "⚠️ Suspicious (verdict: \"suspicious\")", "body": "Warn the user with a summary of findings\nShow the category and severity of each finding" }, { "title": "🚨 Dangerous (verdict: \"dangerous\")", "body": "Block the skill — do not proceed with installation or use\nShow the full detailed findings to the user\nRequire explicit user override to proceed" }, { "title": "Built-in Allowlist", "body": "The aggregate scanner includes an allowlist for known false positives:\n\nSecurity scanners (skill-defender, clawdbot-security-check) — their docs/scripts contain the very patterns they detect\nAuth-dependent skills (tailscale, reddit, n8n, event-planner) — legitimately reference credential paths and API keys\nConfig-aware skills (memory-setup, eightctl, summarize) — reference config paths in documentation\nAgent-writing skills (self-improving-agent) — designed to modify agent files" }, { "title": "Pattern Reference", "body": "See references/threat-patterns.md for full documentation of all detected patterns, organized by category with explanations of why each is dangerous." }, { "title": "Important Notes", "body": "No external dependencies — standard library only (Python 3.9+)\nFast — under 1 second per skill, ~30 seconds for a full batch of 30+ skills\nThis is deterministic pattern matching (Layer 2 defense). Not LLM-based.\nFalse positives are possible — the allowlist and --exclude flag help\nThe scanner will flag itself if scanned without the allowlist — this is expected" } ], "body": "Skill Defender — Malicious Pattern Scanner\nWhen to Run\nAutomatic Triggers\nNew skill installed — Immediately run scan_skill.py against it before allowing use\nSkill updated — Re-scan after any file changes in a skill directory\nPeriodic audit — Run batch scan on all installed skills when requested\nManual Triggers\nUser says \"scan skill X\" → scan that specific skill\nUser says \"scan all skills\" → batch scan all skills\nUser says \"security check\" or \"audit skills\" → same as above\nScripts\nscripts/scan_skill.py — Single Skill Scanner\n\nScans one skill directory for malicious patterns. Produces JSON or human-readable output.\n\nscripts/aggregate_scan.py — Batch Scanner\n\nScans ALL installed skills and produces a single JSON report. Includes a built-in allowlist to reduce false positives from security-related skills, API skills, and other known-safe patterns.\n\nHow to Run\n# Scan a single skill (human-readable)\npython3 scripts/scan_skill.py /path/to/skill-dir\n\n# Scan a single skill (JSON output)\npython3 scripts/scan_skill.py /path/to/skill-dir --json\n\n# Scan ALL installed skills (JSON aggregate report)\npython3 scripts/aggregate_scan.py\n\n# With custom skills directory\npython3 scripts/aggregate_scan.py --skills-dir /path/to/skills\n\n# With verbose warnings\npython3 scripts/scan_skill.py /path/to/skill-dir --verbose\n\n# Exclude false positives\npython3 scripts/scan_skill.py /path/to/skill-dir --exclude \"pattern1\" \"pattern2\"\n\nExit Codes (scan_skill.py)\n0 = clean or informational only\n1 = suspicious (medium/high findings)\n2 = dangerous (critical findings)\n3 = error\nOutput Format (aggregate_scan.py)\n{\n \"skills\": [\n {\n \"name\": \"skill-name\",\n \"verdict\": \"clean|suspicious|dangerous|error\",\n \"findingsCount\": 0,\n \"findings\": []\n }\n ],\n \"summary\": \"All 37 skills passed with no significant issues.\",\n \"totalSkills\": 37,\n \"cleanCount\": 37,\n \"suspiciousCount\": 0,\n \"dangerousCount\": 0,\n \"errorCount\": 0,\n \"timestamp\": \"2026-02-02T06:00:00+00:00\"\n}\n\nAuto-Detection\n\nBoth scripts auto-detect paths:\n\nSkills directory: Detected from script location (walks up to find skills/ parent), falls back to ~/clawd/skills, ~/skills, ~/.openclaw/skills\nScanner script: aggregate_scan.py finds scan_skill.py co-located in the same directory\nHandling Results\n✅ Clean (verdict: \"clean\")\nNo action needed — skill is safe\n⚠️ Suspicious (verdict: \"suspicious\")\nWarn the user with a summary of findings\nShow the category and severity of each finding\n🚨 Dangerous (verdict: \"dangerous\")\nBlock the skill — do not proceed with installation or use\nShow the full detailed findings to the user\nRequire explicit user override to proceed\nBuilt-in Allowlist\n\nThe aggregate scanner includes an allowlist for known false positives:\n\nSecurity scanners (skill-defender, clawdbot-security-check) — their docs/scripts contain the very patterns they detect\nAuth-dependent skills (tailscale, reddit, n8n, event-planner) — legitimately reference credential paths and API keys\nConfig-aware skills (memory-setup, eightctl, summarize) — reference config paths in documentation\nAgent-writing skills (self-improving-agent) — designed to modify agent files\nPattern Reference\n\nSee references/threat-patterns.md for full documentation of all detected patterns, organized by category with explanations of why each is dangerous.\n\nImportant Notes\nNo external dependencies — standard library only (Python 3.9+)\nFast — under 1 second per skill, ~30 seconds for a full batch of 30+ skills\nThis is deterministic pattern matching (Layer 2 defense). Not LLM-based.\nFalse positives are possible — the allowlist and --exclude flag help\nThe scanner will flag itself if scanned without the allowlist — this is expected" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/itsclawdbro/skill-defender", "publisherUrl": "https://clawhub.ai/itsclawdbro/skill-defender", "owner": "itsclawdbro", "version": "1.0.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/skill-defender", "downloadUrl": "https://openagent3.xyz/downloads/skill-defender", "agentUrl": "https://openagent3.xyz/skills/skill-defender/agent", "manifestUrl": "https://openagent3.xyz/skills/skill-defender/agent.json", "briefUrl": "https://openagent3.xyz/skills/skill-defender/agent.md" } }