# Send skill-security-scanner-clean to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "skill-security-scanner-clean", "name": "skill-security-scanner-clean", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/CookieMikeLiu/skill-security-scanner-clean", "canonicalUrl": "https://clawhub.ai/CookieMikeLiu/skill-security-scanner-clean", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/skill-security-scanner-clean", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=skill-security-scanner-clean", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "SKILL.md", "scripts/install_guard.py", "scripts/security_scanner.py", "references/rules-reference.md", "assets/logo.svg" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "slug": "skill-security-scanner-clean", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-29T20:11:09.270Z", "expiresAt": "2026-05-06T20:11:09.270Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=skill-security-scanner-clean", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=skill-security-scanner-clean", "contentDisposition": "attachment; filename=\"skill-security-scanner-clean-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null, "slug": "skill-security-scanner-clean" }, "scope": "item", "summary": "Item download looks usable.", "detail": "Yavira can redirect you to the upstream package for this item.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/skill-security-scanner-clean" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/skill-security-scanner-clean", "downloadUrl": "https://openagent3.xyz/downloads/skill-security-scanner-clean", "agentUrl": "https://openagent3.xyz/skills/skill-security-scanner-clean/agent", "manifestUrl": "https://openagent3.xyz/skills/skill-security-scanner-clean/agent.json", "briefUrl": "https://openagent3.xyz/skills/skill-security-scanner-clean/agent.md" } } ``` ## Documentation ### Skill Security Scanner Protect your OpenClaw installation from malicious skills. This scanner performs static analysis on skill code to detect: Code Execution Threats: eval, exec, os.system, subprocess calls Data Exfiltration: Hidden network requests, suspicious URLs, IP connections System Compromise: File deletion, permission changes, privilege escalation Credential Theft: Environment variable access, secret harvesting Cryptojacking: Mining malware, suspicious compute patterns Obfuscation: Hidden code, base64 encoding, minification Spyware: Keyloggers, screen capture, surveillance features ### Quick Start # Basic scan python scripts/security_scanner.py /path/to/skill # Strict mode (catches more suspicious patterns) python scripts/security_scanner.py /path/to/skill --strict # Save JSON report python scripts/security_scanner.py /path/to/skill --format json -o report.json # Generate markdown report python scripts/security_scanner.py /path/to/skill --format markdown -o report.md ### Verdict Levels VerdictEmojiMeaningActionPASS🟢No critical issues foundSafe to installREVIEW🟡Some concerns, review recommendedCheck findings before installingWARNING🟠High-risk patterns detectedStrongly reconsider installationREJECT🔴Critical threats identifiedDO NOT INSTALL ### Security Score 90-100: Excellent - minimal risk 70-89: Good - minor issues 50-69: Fair - requires review 0-49: Poor - significant risks ### Critical (🔴) RuleDescriptionExampleEXEC001Code execution functionseval(), exec(), compile()SUSPICIOUS001Keylogger functionalitypynput, keyboard modulesSUSPICIOUS003Cryptocurrency miningmining, bitcoin, stratum+tcp ### High (🟠) RuleDescriptionExampleEXEC002System command executionos.system(), subprocess.call()NET002Raw socket connectionssocket.connect()ENV001Sensitive credential accessos.environ['PASSWORD']OBF001Code obfuscationBase64, hex-encoded codeSUSPICIOUS002Screen capturepyautogui.screenshot()NET004Short URL usagebit.ly, tinyurl links ### Medium (🟡) RuleDescriptionExampleNET001HTTP network requestsrequests.get(), fetch()ENV002Environment enumerationos.environ.items()FILE001File deletionos.remove(), shutil.rmtree()DATA001Unsafe deserializationpickle.loads(), yaml.load()NET003Hardcoded IP addressesDirect IP in URLsOBF002Base64 encoded blocksLarge base64 strings ### Low/Info (🔵/⚪) RuleDescriptionFILE002File write operationsCRYPTO001Cryptographic operationsDOC001Insufficient documentationDOC002Missing security statements ### Before Installing a New Skill Download the skill to a temporary directory Run the security scanner Review the verdict: 🟢 PASS: Proceed with installation 🟡 REVIEW: Examine findings, verify legitimate use 🟠 WARNING: Only install from trusted sources 🔴 REJECT: Do not install For 🟡/🟠 findings, manually review the flagged code Confirm the skill's behavior matches its documentation ### Before Updating an Existing Skill Run scanner on the new version Compare results with previous version's scan Check for new critical/high findings Review any new network/file operations ### Automated Integration Add to your skill installation workflow: import subprocess import sys def safe_install_skill(skill_path): # Run security scan result = subprocess.run( ['python', 'scripts/security_scanner.py', skill_path, '--format', 'json'], capture_output=True, text=True ) import json report = json.loads(result.stdout) if report['summary']['verdict'] == 'REJECT': print("❌ Installation blocked: Critical security issues found") return False if report['summary']['verdict'] == 'WARNING': response = input("⚠️ High-risk patterns detected. Install anyway? (y/N): ") if response.lower() != 'y': return False # Proceed with installation return True ### Handling False Positives Some legitimate skills may trigger warnings: Network requests: Skills that fetch data from APIs File operations: Skills that modify documents Encryption: Skills handling sensitive data When you trust the source and understand the functionality, you can: Review the specific code flagged Verify it matches the documented purpose Manually approve if confident ### Reporting Issues If you find a skill with confirmed malicious intent: Do not install or run it Report to the skill repository/hosting platform Notify OpenClaw community channels Share scan report (without executing the skill) ### Best Practices Only install skills from trusted sources Always scan before installing - even from trusted sources Review findings carefully - understand what the skill does Keep scanner updated - new detection rules added regularly Use strict mode for untrusted sources - catches more suspicious patterns Check skill updates - re-scan when updating existing skills ### Exit Codes The scanner returns specific exit codes: CodeMeaning0PASS or REVIEW - installation may proceed1WARNING - high-risk patterns found2REJECT - critical threats detected Use in scripts: python scripts/security_scanner.py ./skill || { echo "Security check failed" exit 1 } ## Trust - Source: tencent - Verification: Indexed source record - Publisher: CookieMikeLiu - Version: 1.0.0 ## Source health - Status: healthy - Item download looks usable. - Yavira can redirect you to the upstream package for this item. - Health scope: item - Reason: direct_download_ok - Checked at: 2026-04-29T20:11:09.270Z - Expires at: 2026-05-06T20:11:09.270Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/skill-security-scanner-clean) - [Send to Agent page](https://openagent3.xyz/skills/skill-security-scanner-clean/agent) - [JSON manifest](https://openagent3.xyz/skills/skill-security-scanner-clean/agent.json) - [Markdown brief](https://openagent3.xyz/skills/skill-security-scanner-clean/agent.md) - [Download page](https://openagent3.xyz/downloads/skill-security-scanner-clean)