# Send Skill Scan to your agent
Use the source page and any available docs to guide the install because the item is currently unstable or timing out.
## Fast path
- Open the source page via Review source status.
- If you can obtain the package, extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the source page and extracted files.
## Suggested prompts
### New install

```text
I tried to install a skill package from Yavira, but the item is currently unstable or timing out. Inspect the source page and any extracted docs, then tell me what you can confirm and any manual steps still required. Then review README.md for any prerequisites, environment setup, or post-install checks.
```
### Upgrade existing

```text
I tried to upgrade a skill package from Yavira, but the item is currently unstable or timing out. Compare the source page and any extracted docs with my current installation, then summarize what changed and what manual follow-up I still need. Then review README.md for any prerequisites, environment setup, or post-install checks.
```
## Machine-readable fields
```json
{
  "schemaVersion": "1.0",
  "item": {
    "slug": "skill-scan",
    "name": "Skill Scan",
    "source": "tencent",
    "type": "skill",
    "category": "安全合规",
    "sourceUrl": "https://clawhub.ai/dgriffin831/skill-scan",
    "canonicalUrl": "https://clawhub.ai/dgriffin831/skill-scan",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadUrl": "/downloads/skill-scan",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=skill-scan",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "packageFormat": "ZIP package",
    "primaryDoc": "SKILL.md",
    "includedAssets": [
      "CHANGELOG.md",
      "pyproject.toml",
      "TESTING.md",
      "README.md",
      "SKILL.md",
      "rules/dangerous-patterns.json"
    ],
    "downloadMode": "manual_only",
    "sourceHealth": {
      "source": "tencent",
      "slug": "skill-scan",
      "status": "unstable",
      "reason": "timeout",
      "recommendedAction": "retry_later",
      "checkedAt": "2026-04-29T15:27:26.919Z",
      "expiresAt": "2026-04-30T03:27:26.919Z",
      "httpStatus": null,
      "finalUrl": null,
      "contentType": null,
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=skill-scan",
        "error": "Timed out after 5000ms",
        "slug": "skill-scan"
      },
      "scope": "item",
      "summary": "Item is unstable.",
      "detail": "This item is timing out or returning errors right now. Review the source page and try again later.",
      "primaryActionLabel": "Review source status",
      "primaryActionHref": "https://clawhub.ai/dgriffin831/skill-scan"
    },
    "validation": {
      "installChecklist": [
        "Wait for the source to recover or retry later.",
        "Review SKILL.md only after the download returns a real package.",
        "Treat this source as transient until the upstream errors clear."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    }
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/skill-scan",
    "downloadUrl": "https://openagent3.xyz/downloads/skill-scan",
    "agentUrl": "https://openagent3.xyz/skills/skill-scan/agent",
    "manifestUrl": "https://openagent3.xyz/skills/skill-scan/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/skill-scan/agent.md"
  }
}
```
## Documentation

### Skill-Scan — Security Auditor for Agent Skills

Multi-layered security scanner for OpenClaw skill packages. Detects malicious code, evasion techniques, prompt injection, and misaligned behavior through static analysis and optional LLM-powered deep inspection. Run this BEFORE installing or enabling any untrusted skill.

### Features

- 6 analysis layers — pattern matching, AST/evasion, prompt injection, LLM deep analysis, alignment verification, meta-analysis
- 60+ detection rules — execution threats, credential theft, data exfiltration, obfuscation, behavioral signatures
- Context-aware scoring — reduces false positives for legitimate API skills
- ClawHub integration — scan skills directly from the registry by slug
- Multiple output modes — text report (default), `--json`, `--compact`, `--quiet`
- Exit codes — 0 for safe, 1 for risky (easy scripting integration)

### When to Use

MANDATORY before installing or enabling:

- Skills from ClawHub (any skill not authored by you)
- Skills shared by other users or teams
- Skills from public repositories
- Any skill package you haven't personally reviewed

RECOMMENDED for periodic audits of already-installed skills.

### Quick Start

```bash
# Scan a local skill directory
skill-scan scan /path/to/skill

# Scan a skill from ClawHub before installing it
skill-scan scan-hub some-skill-slug

# Batch scan all installed skills
skill-scan batch /path/to/skills-directory

# JSON output for programmatic use
skill-scan scan-hub some-skill-slug --json

# Quiet mode (just score + verdict)
skill-scan scan-hub some-skill-slug --quiet
```

### Risk Scoring

| Risk | Score | Action |
|---|---|---|
| LOW | 80-100 | Safe to install |
| MEDIUM | 50-79 | Review findings before installing |
| HIGH | 20-49 | Do NOT install — serious threats detected |
| CRITICAL | 0-19 | Do NOT install — multiple critical threats |

### Exit Codes

- 0 — LOW risk (safe to proceed)
- 1 — MEDIUM or higher (block installation)

### LLM Options

```bash
skill-scan scan-hub slug --llm        # Always run deep analysis (layers 4-5)
skill-scan scan-hub slug --llm-auto   # LLM only if pattern scan finds MEDIUM+
skill-scan scan-hub slug --llm-only   # Skip patterns, LLM analysis only
```

Provider auto-detected from environment:

- `OPENAI_API_KEY` -> `gpt-4o-mini`
- `ANTHROPIC_API_KEY` -> `claude-sonnet-4-5`

### For the Agent

When the user asks to install a skill from ClawHub, follow this workflow:

1. Scan first — run `skill-scan scan-hub <slug>` BEFORE installing
2. Check the result:
   - If LOW risk (exit code 0): proceed with installation
   - If MEDIUM risk: show findings to the user and ask whether to proceed
   - If HIGH or CRITICAL risk: block installation and show the report
3. Report — always show the user the scan summary (score, risk level, finding count)
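
The workflow above as a fail-closed shell gate (an added example, not code from the skill-scan project). It relies only on the documented exit codes and score bands; the `SCANNER`/`INSTALLER` override variables, the function names and the accepted slug characters are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: fail-closed pre-install gate built on skill-scan's documented
# exit codes (0 = LOW, 1 = MEDIUM or higher). Names below are illustrative.
SCANNER="${SCANNER:-skill-scan}"   # assumption: overridable so stubs can be used
INSTALLER="${INSTALLER:-clawhub}"  # assumption: same, for the install command

# Map a 0-100 score from the scan summary to the documented risk band.
risk_band() {
  case "$1" in
    ''|*[!0-9]*|????*) echo "INVALID"; return 2 ;;
  esac
  if   [ "$1" -gt 100 ]; then echo "INVALID"; return 2
  elif [ "$1" -ge 80 ];  then echo "LOW"
  elif [ "$1" -ge 50 ];  then echo "MEDIUM"
  elif [ "$1" -ge 20 ];  then echo "HIGH"
  else echo "CRITICAL"
  fi
}

# gated_install <slug>
# Returns 0 when installed, 1 when blocked by findings, 2 when the scan itself
# could not be trusted (bad slug, scanner missing, crash, timeout).
gated_install() {
  local slug="$1" rc=0
  # Assumed slug alphabet; a leading "-" is refused so it cannot act as an option.
  case "$slug" in
    ''|-*|*[!A-Za-z0-9._-]*) echo "BLOCKED: invalid slug" >&2; return 2 ;;
  esac
  "$SCANNER" scan-hub "$slug" || rc=$?
  case "$rc" in
    0) "$INSTALLER" install "$slug" ;;
    1) echo "BLOCKED: $slug scored MEDIUM or higher; review the report" >&2
       return 1 ;;
    *) # 127 (not installed), signals, or any undocumented code: never install.
       echo "BLOCKED: scan did not complete (exit $rc)" >&2
       return 2 ;;
  esac
}
```

Exit code 1 covers MEDIUM, HIGH and CRITICAL alike, so the gate blocks on it and leaves the MEDIUM "ask the user" decision to whoever reads the report.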

### Alert Format

When a scan finds MEDIUM or higher risk:

```text
🛡️ Skill-Scan Alert: {RISK_LEVEL} ({SCORE}/100)
Skill: {slug}
Findings: {count} issue(s) detected
Top threat: {highest severity finding title}
Action: Installation blocked pending review.
```

### AGENTS.md Integration

To integrate skill-scan into your agent's workflow, add ONE of the following templates to your AGENTS.md (or equivalent agent instructions file).

### Option A: Automatic Scanning (Recommended)

All ClawHub skill installs are automatically scanned before installation. No manual step needed.

````markdown
## Skill-Scan — Automatic Pre-Install Security Scanning

BEFORE installing any skill from ClawHub, you MUST scan it with skill-scan first. This is non-negotiable — never skip the scan.

### Workflow

1. When the user asks to install a skill (e.g. `clawhub install <slug>`), run the scan FIRST:
   ```bash
   skill-scan scan-hub <slug>
   ```
2. Check the exit code and output:
   - Exit code 0 (LOW risk) — proceed with `clawhub install <slug>`
   - Exit code 1 (MEDIUM risk) — show findings to the user, ask whether to proceed
   - Exit code 1 (HIGH/CRITICAL risk) — BLOCK installation, show the full report
3. Never install a HIGH or CRITICAL risk skill without explicit user override
4. Always show the scan summary to the user before proceeding with installation

### Periodic Audits

When asked to audit installed skills, batch scan the skills directory:

```bash
skill-scan batch {skillsDir}
```

### LLM Deep Analysis

For high-stakes installs or when pattern scan returns MEDIUM, escalate to LLM analysis:

```bash
skill-scan scan-hub <slug> --llm-auto
```
````

### Option B: Manual On-Demand Scanning

Skills are only scanned when the user explicitly asks. Installation proceeds without automatic checks.

```markdown
## Skill-Scan — On-Demand Skill Security Scanning

skill-scan is available to audit skill packages for security threats. Use it when the user requests a security scan.

### Commands

- **Scan a ClawHub skill**: `skill-scan scan-hub <slug>`
- **Scan a local skill**: `skill-scan scan /path/to/skill`
- **Batch scan installed skills**: `skill-scan batch {skillsDir}`
- **Deep analysis with LLM**: add `--llm` or `--llm-auto` to any scan command

### Risk Levels

- **LOW (80-100)** — safe, no significant threats
- **MEDIUM (50-79)** — review findings, use caution
- **HIGH (20-49)** — serious threats, do not install
- **CRITICAL (0-19)** — multiple critical threats, do not install

### When the User Asks to Scan

1. Run the appropriate scan command
2. Show the scan summary (score, risk level, finding count)
3. If MEDIUM+, list the top findings with severity and description
4. Let the user decide what to do
```

### Install-Time Setup

When this skill is first installed, ask the user:

How should skill-scan integrate with your workflow?

- Automatic (Recommended) — Every `clawhub install` is scanned first. HIGH/CRITICAL installs are blocked automatically.
- Manual — Scanning only happens when you explicitly ask for it.

Based on their choice, add the corresponding template (Option A or Option B above) to the project's AGENTS.md.

### Detection Categories

- Execution threats — `eval()`, `exec()`, `child_process`, dynamic imports
- Credential theft — `.env` access, API keys, tokens, private keys, wallet files
- Data exfiltration — `fetch()`, `axios`, `requests`, sockets, webhooks
- Filesystem manipulation — Write/delete/rename operations
- Obfuscation — Base64, hex, unicode encoding, string construction
- Prompt injection — Jailbreaks, invisible characters, homoglyphs, roleplay framing, encoded instructions
- Behavioral signatures — Compound patterns: data exfiltration, trojan skills, evasive malware, persistent backdoors

### Requirements

- Python 3.10+
- `httpx>=0.27` (for LLM API calls only)
- API key only needed for `--llm` modes (static analysis is self-contained)

### Related Skills

- input-guard — External input scanning
- memory-scan — Agent memory security
- guardrails — Security policy configuration
## Trust
- Source: tencent
- Verification: Indexed source record
- Publisher: dgriffin831
- Version: 1.0.0
## Source health
- Status: unstable
- Item is unstable.
- This item is timing out or returning errors right now. Review the source page and try again later.
- Health scope: item
- Reason: timeout
- Checked at: 2026-04-29T15:27:26.919Z
- Expires at: 2026-04-30T03:27:26.919Z
- Recommended action: Review source status
## Links
- [Detail page](https://openagent3.xyz/skills/skill-scan)
- [Send to Agent page](https://openagent3.xyz/skills/skill-scan/agent)
- [JSON manifest](https://openagent3.xyz/skills/skill-scan/agent.json)
- [Markdown brief](https://openagent3.xyz/skills/skill-scan/agent.md)
- [Download page](https://openagent3.xyz/downloads/skill-scan)