{
  "schemaVersion": "1.0",
  "item": {
    "slug": "skill-security-auditor",
    "name": "Skill Security Auditor",
    "source": "tencent",
    "type": "skill",
    "category": "开发工具",
    "sourceUrl": "https://clawhub.ai/akhmittra/skill-security-auditor",
    "canonicalUrl": "https://clawhub.ai/akhmittra/skill-security-auditor",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadMode": "redirect",
    "downloadUrl": "/downloads/skill-security-auditor",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=skill-security-auditor",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "installMethod": "Manual import",
    "extraction": "Extract archive",
    "prerequisites": [
      "OpenClaw"
    ],
    "packageFormat": "ZIP package",
    "includedAssets": [
      "analyze-skill.sh",
      "README.md",
      "SKILL.md",
      "patterns/malicious-patterns.json"
    ],
    "primaryDoc": "SKILL.md",
    "quickSetup": [
      "Download the package from Yavira.",
      "Extract the archive and review SKILL.md first.",
      "Import or place the package into your OpenClaw setup."
    ],
    "agentAssist": {
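      "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. Review SKILL.md yourself before doing so: the prompts below tell the agent to follow the instructions it finds in the package.",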
      "steps": [
        "Download the package from Yavira.",
        "Extract it into a folder your agent can access.",
        "Paste one of the prompts below and point your agent at the extracted folder."
      ],
      "prompts": [
        {
          "label": "New install",
          "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete."
        },
        {
          "label": "Upgrade existing",
          "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run."
        }
      ]
    },
    "sourceHealth": {
      "source": "tencent",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-05-07T17:22:31.273Z",
      "expiresAt": "2026-05-14T17:22:31.273Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-annual-report",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-annual-report",
        "contentDisposition": "attachment; filename=\"afrexai-annual-report-1.0.0.zip\"",
        "redirectLocation": null,
        "bodySnippet": null
      },
      "scope": "source",
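      "summary": "Source download looks usable. The recorded probe requested slug afrexai-annual-report rather than skill-security-auditor, so this result describes the source endpoint, not this package's archive.",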
      "detail": "Yavira can redirect you to the upstream package for this source.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/skill-security-auditor"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    },
    "downloadPageUrl": "https://openagent3.xyz/downloads/skill-security-auditor",
    "agentPageUrl": "https://openagent3.xyz/skills/skill-security-auditor/agent",
    "manifestUrl": "https://openagent3.xyz/skills/skill-security-auditor/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/skill-security-auditor/agent.md"
  },
  "agentAssist": {
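    "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. Review SKILL.md yourself before doing so: the prompts below tell the agent to follow the instructions it finds in the package.",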
    "steps": [
      "Download the package from Yavira.",
      "Extract it into a folder your agent can access.",
      "Paste one of the prompts below and point your agent at the extracted folder."
    ],
    "prompts": [
      {
        "label": "New install",
        "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete."
      },
      {
        "label": "Upgrade existing",
        "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run."
      }
    ]
  },
  "documentation": {
    "source": "clawhub",
    "primaryDoc": "SKILL.md",
    "sections": [
      {
        "title": "Description",
        "body": "The Skill Security Auditor is a command-line tool that performs pattern-based security analysis of ClawHub skills before installation. Given the recent discovery of 341+ malicious skills (ClawHavoc campaign) that distributed Atomic Stealer (AMOS) and stole cryptocurrency credentials, this tool provides essential pre-installation threat detection.\n\nWhat this skill provides:\n\n✅ Bash script (analyze-skill.sh) for local security analysis\n✅ Threat intelligence database (patterns/malicious-patterns.json)\n✅ Pattern matching against 20+ known malicious indicators\n✅ Risk scoring system (0-100 scale)\n✅ Detailed audit reports with recommendations\n\nHow to use it:\n\nInstall this skill from ClawHub\nRun the analyze-skill.sh script against any skill (by slug or local file)\nReview the risk assessment and findings\nMake informed decision about installation\n\nUse this tool when:\n\nAbout to install a new skill from ClawHub\nInvestigating suspicious skill behavior\nPerforming security due diligence on community skills\nAuditing your currently installed skills\n\nThis tool does NOT:\n\n❌ Automatically scan skills (you run it manually)\n❌ Block installations (it's advisory only)\n❌ Access VirusTotal API (use ClawHub's web interface for that)\n❌ Guarantee 100% detection (defense in depth recommended)"
      },
      {
        "title": "1. Malicious Pattern Detection",
        "body": "Scans for known malicious patterns from the ClawHavoc campaign:\n\nFake prerequisite installations (openclaw-agent.zip, openclaw-setup.exe)\nSuspicious download commands in SKILL.md\nHidden payload execution in metadata\nSocial engineering language patterns\nUnauthorized external binary downloads"
      },
      {
        "title": "2. Credential Leak Analysis",
        "body": "Identifies potential credential exposure vectors:\n\nHardcoded API keys, tokens, passwords in SKILL.md\nSuspicious environment variable exfiltration\nUnencrypted sensitive data transmission\nOverly broad permission requests\nCredential harvesting patterns"
      },
      {
        "title": "3. Dependency Chain Validation",
        "body": "Analyzes skill dependencies for:\n\nUnverified binary requirements\nSuspicious GitHub repository sources\nExternal script execution\nNetwork connections to unknown hosts\nNested dependency exploitation"
      },
      {
        "title": "4. C2 Infrastructure Detection",
        "body": "Checks for Command & Control indicators:\n\nKnown malicious IP addresses (e.g., 91.92.242.30 from ClawHavoc)\nSuspicious domain patterns\nEncoded communication endpoints\nData exfiltration channels\nBeaconing behavior patterns"
      },
      {
        "title": "5. SKILL.md Structure Validation",
        "body": "Verifies skill integrity:\n\nProper YAML frontmatter structure\nMetadata consistency\nDescription clarity vs actual behavior\nPermission justification\nAuthor verification (GitHub account age)"
      },
      {
        "title": "Security Scoring System",
        "body": "Each analyzed skill receives a Risk Score (0-100):\n\n0-20: ✅ SAFE - No significant security concerns\n21-40: ⚠️ LOW RISK - Minor concerns, proceed with caution\n41-60: 🟡 MEDIUM RISK - Multiple red flags, manual review recommended\n61-80: 🔴 HIGH RISK - Serious concerns, do NOT install without expert review\n81-100: ☠️ CRITICAL - Malicious indicators detected, AVOID installation"
      },
      {
        "title": "Usage Instructions",
        "body": "This skill provides a bash script (analyze-skill.sh) that performs pattern-based security analysis of ClawHub skills. The analysis runs locally using the included threat intelligence database."
      },
      {
        "title": "Installation & Setup",
        "body": "# Install the skill from ClawHub\nnpx clawhub install skill-security-auditor\n\n# Make the analyzer executable\nchmod +x ~/.openclaw/skills/skill-security-auditor/analyze-skill.sh\n\n# Optional: Create alias for convenience\necho 'alias audit-skill=\"~/.openclaw/skills/skill-security-auditor/analyze-skill.sh\"' >> ~/.bashrc\nsource ~/.bashrc"
      },
      {
        "title": "Audit a Skill Before Installing",
        "body": "Method 1: Analyze by slug (automatic fetch from ClawHub)\n\n~/.openclaw/skills/skill-security-auditor/analyze-skill.sh --slug bitcoin-tracker\n\n# Example output:\n# ============================================\n#          SECURITY AUDIT REPORT\n# ============================================\n# \n# Risk Score: 85/100 - ☠️ CRITICAL\n# ...\n\nMethod 2: Analyze local file\n\n# Download skill first\ncurl -s \"https://clawhub.ai/api/skills/bitcoin-tracker/latest\" > /tmp/skill.md\n\n# Then analyze\n~/.openclaw/skills/skill-security-auditor/analyze-skill.sh --file /tmp/skill.md"
      },
      {
        "title": "Audit All Installed Skills",
        "body": "# Scan all skills in your workspace\nfor skill in ~/.openclaw/skills/*/SKILL.md; do\n  echo \"Checking: $(basename $(dirname $skill))\"\n  ~/.openclaw/skills/skill-security-auditor/analyze-skill.sh -f \"$skill\"\ndone"
      },
      {
        "title": "Quick Manual Security Check",
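        "body": "# Fast grep-based pattern matching (no full analysis)\n# Covers only the three patterns below (it does not match the wget | sh form, for example),\n# so an empty result means only that none of them matched, not that the skill is safe.\ngrep -iE \"(prerequisite.*download|91\\.92\\.242\\.30|curl.*\\|.*bash)\" SKILL.md"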
      },
      {
        "title": "🚨 CRITICAL Red Flags (Auto-fail)",
        "body": "Fake Prerequisites Section\n\nMatches: \"Prerequisites\", \"Setup Required\", \"Installation Steps\"\nContains: Download links to .zip, .exe, .dmg files\nExample: \"Download openclaw-agent.zip from https://...\"\n\n\n\nKnown Malicious Infrastructure\n\nIP: 91.92.242.30 (ClawHavoc C2)\nDomains: Newly registered or suspicious TLDs\nEncoded URLs or base64 obfuscation\n\n\n\nCredential Harvesting\n\nRegex patterns for API keys: (api[_-]?key|token|password)\\s*[:=]\\s*['\\\"][^'\\\"]+['\\\"]\nSSH key access requests\nWallet private key patterns\n\n\n\nUnauthorized Code Execution\n\ncurl | bash or wget | sh patterns\nHidden base64 encoded commands\nDynamic eval() or exec() on external input"
      },
      {
        "title": "⚠️ Warning Indicators (Score increase)",
        "body": "Suspicious Dependencies\n\nBinary requirements without clear justification\nDependencies from unverified sources\nExcessive permission requests\n\n\n\nObfuscation Techniques\n\nHeavily encoded strings in metadata\nMinified or obfuscated JavaScript/Python\nRedirect chains in URLs\n\n\n\nSocial Engineering Language\n\nUrgency phrases: \"Install immediately\", \"Limited time\"\nAuthority claims: \"Official OpenClaw\", \"Verified by Anthropic\"\nFear tactics: \"Your system is at risk without this\""
      },
      {
        "title": "✅ Positive Security Indicators",
        "body": "Verified Author\n\nGitHub account > 1 year old\nMultiple well-rated skills\nActive community engagement\n\n\n\nTransparent Dependencies\n\nClear binary requirements with official sources\nOpen-source tool dependencies\nWell-documented permission needs\n\n\n\nCode Quality\n\nClean, readable SKILL.md\nProper error handling\nNo unnecessary network calls"
      },
      {
        "title": "Audit Report Format",
        "body": "## Security Audit Report\n**Skill**: {skill-name}\n**Author**: {author}\n**Version**: {version}\n**Audit Date**: {date}\n\n### Risk Score: {score}/100 - {RISK_LEVEL}\n\n### Critical Findings:\n- {finding 1}\n- {finding 2}\n\n### Warning Indicators:\n- {warning 1}\n- {warning 2}\n\n### Positive Indicators:\n- {positive 1}\n- {positive 2}\n\n### Recommendations:\n{INSTALL | DO NOT INSTALL | REVIEW MANUALLY}\n\n### Detailed Analysis:\n{Deep dive into specific concerns}\n\n### VirusTotal Link:\n{If available from ClawHub}"
      },
      {
        "title": "Integration with VirusTotal",
        "body": "Important: This skill does NOT directly access VirusTotal's API. Instead, VirusTotal integration is available through ClawHub's web interface via their partnership with VirusTotal.\n\nTo check VirusTotal results for a skill:\n\nVisit the skill's ClawHub page: https://clawhub.ai/skills/{skill-slug}\nLook for the VirusTotal scan results on the skill's page\nClawHub automatically scans published skills via their VirusTotal partnership\n\nThis analyzer focuses on pattern-based threat detection. It complements (but does not replace) ClawHub's VirusTotal scanning."
      },
      {
        "title": "Recommended Security Workflow",
        "body": "Run this analyzer first - Pattern-based detection (local, instant)\nCheck ClawHub's VirusTotal results - Binary/file reputation (if available)\nManual code review - Final verification for critical use cases\n\n# Step 1: Pattern analysis (local)\n~/.openclaw/skills/skill-security-auditor/analyze-skill.sh -s suspicious-skill\n\n# Step 2: Visit ClawHub page for VirusTotal results\n# https://clawhub.ai/skills/suspicious-skill\n\n# Step 3: Manual review if needed\ncurl -s \"https://clawhub.ai/api/skills/suspicious-skill/latest\" > skill.md\nless skill.md"
      },
      {
        "title": "Example Workflow",
        "body": "Scenario: User wants to install a skill called solana-wallet-tracker\n\nStep 1: Run Security Analysis\n\n$ ~/.openclaw/skills/skill-security-auditor/analyze-skill.sh -s solana-wallet-tracker\n\nFetching skill 'solana-wallet-tracker' from ClawHub...\n✓ Skill fetched successfully\n\nAnalyzing skill content...\n\n============================================\n         SECURITY AUDIT REPORT\n============================================\n\nRisk Score: 95/100 - ☠️ CRITICAL\n\n============================================\n\n☠️ CRITICAL FINDINGS:\n  CLAW-001: Fake Prerequisites - ClawHavoc Campaign [+50 points]\n  └─ Matches the ClawHavoc campaign pattern of fake prerequisites requesting malicious binary downloads\n  CLAW-002: Known C2 Infrastructure [+50 points]\n  └─ IP address used in ClawHavoc campaign for C2 communications\n\n============================================\nRECOMMENDATION:\nDO NOT INSTALL. Malicious patterns detected matching known attack campaigns.\n============================================\n\nStep 2: Decision\n\n☠️ CRITICAL Risk → DO NOT INSTALL\nReport skill to ClawHub moderators\nLook for safe alternatives\n\nStep 3: Verify on ClawHub (optional)\n\n# Visit skill page to check VirusTotal results\nopen \"https://clawhub.ai/skills/solana-wallet-tracker\""
      },
      {
        "title": "1. Behavioral Analysis (Future Enhancement)",
        "body": "Sandbox execution monitoring\nNetwork traffic analysis\nFile system access patterns"
      },
      {
        "title": "2. Community Threat Intelligence",
        "body": "Share malicious skill signatures\nCollaborative IOC database\nReputation scoring system"
      },
      {
        "title": "3. Continuous Monitoring",
        "body": "Auto-audit skills on updates\nAlert on new security advisories\nPeriodic re-scanning of installed skills"
      },
      {
        "title": "False Positive Mitigation",
        "body": "To minimize false positives:\n\nContextual Analysis: Binary requirements for legitimate tools (e.g., gh for GitHub CLI) are validated against known safe sources\nWhitelisting: Verified authors and established skills get trust bonuses\nHuman Review Option: Always provide detailed reasoning for security decisions\nAppeal Process: Users can report false positives for skill reputation adjustment"
      },
      {
        "title": "Compliance & Ethics",
        "body": "This skill:\n\n✅ Analyzes publicly available skill metadata\n✅ Protects user security and privacy\n✅ Promotes responsible skill development\n❌ Does NOT perform unauthorized access\n❌ Does NOT guarantee 100% security (nothing does)\n❌ Does NOT replace user judgment"
      },
      {
        "title": "Safe Skill",
        "body": "✅ Security Audit Complete\n\n{skill-name} has been analyzed and appears SAFE to install.\n\nRisk Score: {score}/100 (LOW)\n\nNo malicious patterns detected. The skill:\n- Uses standard dependencies from trusted sources\n- Has a verified author with {X} published skills\n- Contains clear documentation with no obfuscation\n- Requests appropriate permissions for its function\n\nVirusTotal: {link}\n\nRecommendation: Safe to proceed with installation."
      },
      {
        "title": "Suspicious Skill",
        "body": "🔴 Security Alert: HIGH RISK DETECTED\n\n{skill-name} has been flagged with CRITICAL security concerns.\n\nRisk Score: {score}/100 (HIGH)\n\n⚠️ Critical Findings:\n{detailed findings}\n\nThis skill matches patterns from the ClawHavoc malware campaign.\n\nRecommendation: DO NOT INSTALL. Consider reporting this skill to ClawHub moderators.\n\nAlternative safe skills: {suggestions}"
      },
      {
        "title": "Technical Implementation Notes",
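        "body": "Pattern Database Location: ~/.openclaw/security-auditor/patterns/\n\nmalicious-patterns.json: Known bad indicators\nsafe-patterns.json: Whitelisted elements\nioc-database.json: Indicators of Compromise\n\nUpdate Mechanism:\n\n# Pull latest threat intelligence\ncurl -s \"https://openclaw-security.github.io/threat-intel/latest.json\" \\\n  > ~/.openclaw/security-auditor/patterns/ioc-database.json\n\nNote: the installation steps place this skill under ~/.openclaw/skills/skill-security-auditor/, and the package lists only patterns/malicious-patterns.json, so confirm which directory and files analyze-skill.sh actually reads before relying on this path. The update command writes the server response straight over ioc-database.json with no integrity or format check; fetch to a temporary file, confirm it is the expected JSON, and only then replace the database."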
      },
      {
        "title": "Contributing",
        "body": "Found a new malicious pattern? Submit IOCs to the OpenClaw Security Working Group:\n\nGitHub: github.com/openclaw/security-auditor\nReport Format: JSON with pattern regex, description, severity"
      },
      {
        "title": "Limitations",
        "body": "⚠️ Important Disclaimers:\n\nThis tool provides analysis, not guarantees\nSophisticated malware may evade detection\nAlways combine with VirusTotal + manual review for critical applications\nSecurity is a shared responsibility\nNo automated tool replaces security expertise"
      },
      {
        "title": "References",
        "body": "ClawHavoc Campaign Analysis: [The Hacker News, Feb 2026]\nOpenClaw Security Partnership: VirusTotal Integration\nMalicious Skill Database: OpenSourceMalware Research\nClawHub Moderation Guide: docs.openclaw.ai/security\n\nRemember: The best security is defense in depth. Use this skill as ONE layer of your security strategy, not the only layer.\n\nStay safe, stay skeptical, stay secure. 🦞🛡️"
      }
    ],
    "body": "Skill Security Auditor\nDescription\n\nThe Skill Security Auditor is a command-line tool that performs pattern-based security analysis of ClawHub skills before installation. Given the recent discovery of 341+ malicious skills (ClawHavoc campaign) that distributed Atomic Stealer (AMOS) and stole cryptocurrency credentials, this tool provides essential pre-installation threat detection.\n\nWhat this skill provides:\n\n✅ Bash script (analyze-skill.sh) for local security analysis\n✅ Threat intelligence database (patterns/malicious-patterns.json)\n✅ Pattern matching against 20+ known malicious indicators\n✅ Risk scoring system (0-100 scale)\n✅ Detailed audit reports with recommendations\n\nHow to use it:\n\nInstall this skill from ClawHub\nRun the analyze-skill.sh script against any skill (by slug or local file)\nReview the risk assessment and findings\nMake informed decision about installation\n\nUse this tool when:\n\nAbout to install a new skill from ClawHub\nInvestigating suspicious skill behavior\nPerforming security due diligence on community skills\nAuditing your currently installed skills\n\nThis tool does NOT:\n\n❌ Automatically scan skills (you run it manually)\n❌ Block installations (it's advisory only)\n❌ Access VirusTotal API (use ClawHub's web interface for that)\n❌ Guarantee 100% detection (defense in depth recommended)\nCore Capabilities\n1. Malicious Pattern Detection\n\nScans for known malicious patterns from the ClawHavoc campaign:\n\nFake prerequisite installations (openclaw-agent.zip, openclaw-setup.exe)\nSuspicious download commands in SKILL.md\nHidden payload execution in metadata\nSocial engineering language patterns\nUnauthorized external binary downloads\n2. 
Credential Leak Analysis\n\nIdentifies potential credential exposure vectors:\n\nHardcoded API keys, tokens, passwords in SKILL.md\nSuspicious environment variable exfiltration\nUnencrypted sensitive data transmission\nOverly broad permission requests\nCredential harvesting patterns\n3. Dependency Chain Validation\n\nAnalyzes skill dependencies for:\n\nUnverified binary requirements\nSuspicious GitHub repository sources\nExternal script execution\nNetwork connections to unknown hosts\nNested dependency exploitation\n4. C2 Infrastructure Detection\n\nChecks for Command & Control indicators:\n\nKnown malicious IP addresses (e.g., 91.92.242.30 from ClawHavoc)\nSuspicious domain patterns\nEncoded communication endpoints\nData exfiltration channels\nBeaconing behavior patterns\n5. SKILL.md Structure Validation\n\nVerifies skill integrity:\n\nProper YAML frontmatter structure\nMetadata consistency\nDescription clarity vs actual behavior\nPermission justification\nAuthor verification (GitHub account age)\nSecurity Scoring System\n\nEach analyzed skill receives a Risk Score (0-100):\n\n0-20: ✅ SAFE - No significant security concerns\n21-40: ⚠️ LOW RISK - Minor concerns, proceed with caution\n41-60: 🟡 MEDIUM RISK - Multiple red flags, manual review recommended\n61-80: 🔴 HIGH RISK - Serious concerns, do NOT install without expert review\n81-100: ☠️ CRITICAL - Malicious indicators detected, AVOID installation\nUsage Instructions\n\nThis skill provides a bash script (analyze-skill.sh) that performs pattern-based security analysis of ClawHub skills. 
The analysis runs locally using the included threat intelligence database.\n\nInstallation & Setup\n# Install the skill from ClawHub\nnpx clawhub install skill-security-auditor\n\n# Make the analyzer executable\nchmod +x ~/.openclaw/skills/skill-security-auditor/analyze-skill.sh\n\n# Optional: Create alias for convenience\necho 'alias audit-skill=\"~/.openclaw/skills/skill-security-auditor/analyze-skill.sh\"' >> ~/.bashrc\nsource ~/.bashrc\n\nAudit a Skill Before Installing\n\nMethod 1: Analyze by slug (automatic fetch from ClawHub)\n\n~/.openclaw/skills/skill-security-auditor/analyze-skill.sh --slug bitcoin-tracker\n\n# Example output:\n# ============================================\n#          SECURITY AUDIT REPORT\n# ============================================\n# \n# Risk Score: 85/100 - ☠️ CRITICAL\n# ...\n\n\nMethod 2: Analyze local file\n\n# Download skill first\ncurl -s \"https://clawhub.ai/api/skills/bitcoin-tracker/latest\" > /tmp/skill.md\n\n# Then analyze\n~/.openclaw/skills/skill-security-auditor/analyze-skill.sh --file /tmp/skill.md\n\nAudit All Installed Skills\n# Scan all skills in your workspace\nfor skill in ~/.openclaw/skills/*/SKILL.md; do\n  echo \"Checking: $(basename $(dirname $skill))\"\n  ~/.openclaw/skills/skill-security-auditor/analyze-skill.sh -f \"$skill\"\ndone\n\nQuick Manual Security Check\n# Fast grep-based pattern matching (no full analysis)\ngrep -iE \"(prerequisite.*download|91\\.92\\.242\\.30|curl.*\\|.*bash)\" SKILL.md\n\nDetection Heuristics\n🚨 CRITICAL Red Flags (Auto-fail)\n\nFake Prerequisites Section\n\nMatches: \"Prerequisites\", \"Setup Required\", \"Installation Steps\"\nContains: Download links to .zip, .exe, .dmg files\nExample: \"Download openclaw-agent.zip from https://...\"\n\nKnown Malicious Infrastructure\n\nIP: 91.92.242.30 (ClawHavoc C2)\nDomains: Newly registered or suspicious TLDs\nEncoded URLs or base64 obfuscation\n\nCredential Harvesting\n\nRegex patterns for API keys: 
(api[_-]?key|token|password)\\s*[:=]\\s*['\\\"][^'\\\"]+['\\\"]\nSSH key access requests\nWallet private key patterns\n\nUnauthorized Code Execution\n\ncurl | bash or wget | sh patterns\nHidden base64 encoded commands\nDynamic eval() or exec() on external input\n⚠️ Warning Indicators (Score increase)\n\nSuspicious Dependencies\n\nBinary requirements without clear justification\nDependencies from unverified sources\nExcessive permission requests\n\nObfuscation Techniques\n\nHeavily encoded strings in metadata\nMinified or obfuscated JavaScript/Python\nRedirect chains in URLs\n\nSocial Engineering Language\n\nUrgency phrases: \"Install immediately\", \"Limited time\"\nAuthority claims: \"Official OpenClaw\", \"Verified by Anthropic\"\nFear tactics: \"Your system is at risk without this\"\n✅ Positive Security Indicators\n\nVerified Author\n\nGitHub account > 1 year old\nMultiple well-rated skills\nActive community engagement\n\nTransparent Dependencies\n\nClear binary requirements with official sources\nOpen-source tool dependencies\nWell-documented permission needs\n\nCode Quality\n\nClean, readable SKILL.md\nProper error handling\nNo unnecessary network calls\nAudit Report Format\n## Security Audit Report\n**Skill**: {skill-name}\n**Author**: {author}\n**Version**: {version}\n**Audit Date**: {date}\n\n### Risk Score: {score}/100 - {RISK_LEVEL}\n\n### Critical Findings:\n- {finding 1}\n- {finding 2}\n\n### Warning Indicators:\n- {warning 1}\n- {warning 2}\n\n### Positive Indicators:\n- {positive 1}\n- {positive 2}\n\n### Recommendations:\n{INSTALL | DO NOT INSTALL | REVIEW MANUALLY}\n\n### Detailed Analysis:\n{Deep dive into specific concerns}\n\n### VirusTotal Link:\n{If available from ClawHub}\n\nIntegration with VirusTotal\n\nImportant: This skill does NOT directly access VirusTotal's API. 
Instead, VirusTotal integration is available through ClawHub's web interface via their partnership with VirusTotal.\n\nTo check VirusTotal results for a skill:\n\nVisit the skill's ClawHub page: https://clawhub.ai/skills/{skill-slug}\nLook for the VirusTotal scan results on the skill's page\nClawHub automatically scans published skills via their VirusTotal partnership\n\nThis analyzer focuses on pattern-based threat detection. It complements (but does not replace) ClawHub's VirusTotal scanning.\n\nRecommended Security Workflow\nRun this analyzer first - Pattern-based detection (local, instant)\nCheck ClawHub's VirusTotal results - Binary/file reputation (if available)\nManual code review - Final verification for critical use cases\n# Step 1: Pattern analysis (local)\n~/.openclaw/skills/skill-security-auditor/analyze-skill.sh -s suspicious-skill\n\n# Step 2: Visit ClawHub page for VirusTotal results\n# https://clawhub.ai/skills/suspicious-skill\n\n# Step 3: Manual review if needed\ncurl -s \"https://clawhub.ai/api/skills/suspicious-skill/latest\" > skill.md\nless skill.md\n\nExample Workflow\n\nScenario: User wants to install a skill called solana-wallet-tracker\n\nStep 1: Run Security Analysis\n\n$ ~/.openclaw/skills/skill-security-auditor/analyze-skill.sh -s solana-wallet-tracker\n\nFetching skill 'solana-wallet-tracker' from ClawHub...\n✓ Skill fetched successfully\n\nAnalyzing skill content...\n\n============================================\n         SECURITY AUDIT REPORT\n============================================\n\nRisk Score: 95/100 - ☠️ CRITICAL\n\n============================================\n\n☠️ CRITICAL FINDINGS:\n  CLAW-001: Fake Prerequisites - ClawHavoc Campaign [+50 points]\n  └─ Matches the ClawHavoc campaign pattern of fake prerequisites requesting malicious binary downloads\n  CLAW-002: Known C2 Infrastructure [+50 points]\n  └─ IP address used in ClawHavoc campaign for C2 
communications\n\n============================================\nRECOMMENDATION:\nDO NOT INSTALL. Malicious patterns detected matching known attack campaigns.\n============================================\n\n\nStep 2: Decision\n\n☠️ CRITICAL Risk → DO NOT INSTALL\nReport skill to ClawHub moderators\nLook for safe alternatives\n\nStep 3: Verify on ClawHub (optional)\n\n# Visit skill page to check VirusTotal results\nopen \"https://clawhub.ai/skills/solana-wallet-tracker\"\n\nAdvanced Features\n1. Behavioral Analysis (Future Enhancement)\nSandbox execution monitoring\nNetwork traffic analysis\nFile system access patterns\n2. Community Threat Intelligence\nShare malicious skill signatures\nCollaborative IOC database\nReputation scoring system\n3. Continuous Monitoring\nAuto-audit skills on updates\nAlert on new security advisories\nPeriodic re-scanning of installed skills\nFalse Positive Mitigation\n\nTo minimize false positives:\n\nContextual Analysis: Binary requirements for legitimate tools (e.g., gh for GitHub CLI) are validated against known safe sources\nWhitelisting: Verified authors and established skills get trust bonuses\nHuman Review Option: Always provide detailed reasoning for security decisions\nAppeal Process: Users can report false positives for skill reputation adjustment\nCompliance & Ethics\n\nThis skill:\n\n✅ Analyzes publicly available skill metadata\n✅ Protects user security and privacy\n✅ Promotes responsible skill development\n❌ Does NOT perform unauthorized access\n❌ Does NOT guarantee 100% security (nothing does)\n❌ Does NOT replace user judgment\nResponse Templates\nSafe Skill\n✅ Security Audit Complete\n\n{skill-name} has been analyzed and appears SAFE to install.\n\nRisk Score: {score}/100 (LOW)\n\nNo malicious patterns detected. 
The skill:\n- Uses standard dependencies from trusted sources\n- Has a verified author with {X} published skills\n- Contains clear documentation with no obfuscation\n- Requests appropriate permissions for its function\n\nVirusTotal: {link}\n\nRecommendation: Safe to proceed with installation.\n\nSuspicious Skill\n🔴 Security Alert: HIGH RISK DETECTED\n\n{skill-name} has been flagged with CRITICAL security concerns.\n\nRisk Score: {score}/100 (HIGH)\n\n⚠️ Critical Findings:\n{detailed findings}\n\nThis skill matches patterns from the ClawHavoc malware campaign.\n\nRecommendation: DO NOT INSTALL. Consider reporting this skill to ClawHub moderators.\n\nAlternative safe skills: {suggestions}\n\nTechnical Implementation Notes\n\nPattern Database Location: ~/.openclaw/security-auditor/patterns/\n\nmalicious-patterns.json: Known bad indicators\nsafe-patterns.json: Whitelisted elements\nioc-database.json: Indicators of Compromise\n\nUpdate Mechanism:\n\n# Pull latest threat intelligence\ncurl -s \"https://openclaw-security.github.io/threat-intel/latest.json\" \\\n  > ~/.openclaw/security-auditor/patterns/ioc-database.json\n\nContributing\n\nFound a new malicious pattern? Submit IOCs to the OpenClaw Security Working Group:\n\nGitHub: github.com/openclaw/security-auditor\nReport Format: JSON with pattern regex, description, severity\nLimitations\n\n⚠️ Important Disclaimers:\n\nThis tool provides analysis, not guarantees\nSophisticated malware may evade detection\nAlways combine with VirusTotal + manual review for critical applications\nSecurity is a shared responsibility\nNo automated tool replaces security expertise\nReferences\nClawHavoc Campaign Analysis: [The Hacker News, Feb 2026]\nOpenClaw Security Partnership: VirusTotal Integration\nMalicious Skill Database: OpenSourceMalware Research\nClawHub Moderation Guide: docs.openclaw.ai/security\n\nRemember: The best security is defense in depth. 
Use this skill as ONE layer of your security strategy, not the only layer.\n\nStay safe, stay skeptical, stay secure. 🦞🛡️"
  },
  "trust": {
    "sourceLabel": "tencent",
    "provenanceUrl": "https://clawhub.ai/akhmittra/skill-security-auditor",
    "publisherUrl": "https://clawhub.ai/akhmittra/skill-security-auditor",
    "owner": "akhmittra",
    "version": "1.0.1",
    "license": null,
    "verificationStatus": "Indexed source record"
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/skill-security-auditor",
    "downloadUrl": "https://openagent3.xyz/downloads/skill-security-auditor",
    "agentUrl": "https://openagent3.xyz/skills/skill-security-auditor/agent",
    "manifestUrl": "https://openagent3.xyz/skills/skill-security-auditor/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/skill-security-auditor/agent.md"
  }
}