# Send Skill to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "skill-shield", "name": "Skill", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/yx2601816404-sys/skill-shield", "canonicalUrl": "https://clawhub.ai/yx2601816404-sys/skill-shield", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/skill-shield", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=skill-shield", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "SKILL.md", "reports/report.json", "reports/report.md", "scripts/scan.py", "scripts/test_scan.py" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "slug": "skill-shield", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-29T15:26:23.667Z", "expiresAt": "2026-05-06T15:26:23.667Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=skill-shield", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=skill-shield", "contentDisposition": "attachment; filename=\"skill-shield-0.6.1.zip\"", "redirectLocation": null, "bodySnippet": null, "slug": "skill-shield" }, "scope": "item", "summary": "Item download looks usable.", "detail": "Yavira can redirect you to the upstream package for this item.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/skill-shield" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/skill-shield", "downloadUrl": "https://openagent3.xyz/downloads/skill-shield", "agentUrl": "https://openagent3.xyz/skills/skill-shield/agent", "manifestUrl": "https://openagent3.xyz/skills/skill-shield/agent.json", "briefUrl": "https://openagent3.xyz/skills/skill-shield/agent.md" } } ``` ## Documentation ### Skill Shield v0.6.1 — Security Auditor Scan any skill directory for permissions and dangerous patterns. Get a safety rating before you install. ### Usage Run the scanner on a skill directory: python3 scripts/scan.py /path/to/skill-directory ### SARIF Output (GitHub Code Scanning) python3 scripts/scan.py /path/to/skill-directory --sarif ### Output The script prints two blocks to stdout: A JSON report (between --- JSON START --- and --- JSON END --- markers) A Markdown report (between --- MD START --- and --- MD END --- markers) ### Save reports to files python3 scripts/scan.py /path/to/skill-directory --output-dir /path/to/output This creates report.json and report.md in the output directory. ### Safety Ratings GradeMeaningActionASafeInstall freelyBLow riskMinor concerns, generally safeCNeeds reviewReview flagged patterns before installingDHigh riskSignificant dangerous patterns detectedFDangerousDo not install without thorough manual review ### Detection Capabilities (65 patterns, 11 categories) File deletion: rm -rf, shred, unlink, rmtree, rimraf, del /f (7 patterns) Network exfiltration: curl POST, wget --post, requests.post, fetch POST, netcat reverse shell, DNS exfil, pipe to curl, socat (9 patterns) Environment variable access: process.env, os.environ, .env files, printenv (5 patterns) Secret/key access: .ssh/, .gnupg/, private keys, wallets, tokens, passwords, keychain, cloud credentials (8 patterns) Privilege escalation: sudo, su, chmod 777, chown, setuid/setgid, doas (6 patterns) Code execution: eval, exec(), Function(), child_process, subprocess, os.system, os.popen, compile (8 patterns) Data collection: /etc/passwd, /etc/shadow, whoami, hostname, ifconfig, /proc/self (6 patterns) Persistence: crontab, systemd, rc.local, shell profile modification, autostart (5 patterns) Obfuscation: long base64 strings, hex escapes, charCode, base64 decode, string reversal (5 patterns) Cryptocurrency/mining: xmrig/minerd, mining pool URLs, wallet addresses (3 patterns) Shell injection: backtick execution, pipe to shell, download-and-execute (3 patterns) ### Permission Declaration Audit (unique to skill-shield) Compares tools declared in SKILL.md against tools actually used in code. Reports: Undeclared permissions with sensitivity scoring (1-5) Unused declared permissions Declaration coverage ratio Per-tool risk recommendations ### Anti-Obfuscation Analysis Automatically decodes base64 and hex-encoded content, then re-scans decoded output for dangerous patterns. Obfuscated findings receive elevated severity. ### Context-Aware False Positive Reduction Comments and docstrings: severity reduced by 2 Markdown code blocks in SKILL.md: severity reduced by 2 (examples, not real code) Pattern definition lines in scanner source: skipped entirely Original vs adjusted severity shown in reports (e.g., "Low (2←4)") ### CWE References Every detection pattern includes a CWE (Common Weakness Enumeration) reference for professional vulnerability classification. ### Batch Scanning Scan all skills in a directory at once with --batch: python3 scripts/scan.py /path/to/skills/ --batch python3 scripts/scan.py /path/to/skills/ --batch --json-summary python3 scripts/scan.py /path/to/skills/ --batch --json-summary -o /path/to/output ### Performance Skips venv/node_modules/dist/.git directories automatically Caps at 200 script files per skill for safety 164 skills scanned in ~8 seconds ### Output Markdown table with summary stats and per-skill ratings (default) JSON summary with --json-summary flag for machine consumption Writes batch-summary.json when using -o ### GitHub Code Scanning Integration Use --sarif flag to output SARIF 2.1.0 format, compatible with: GitHub Code Scanning (upload-sarif action) VS Code SARIF Viewer extension SARIF Web Viewer python3 scripts/scan.py /path/to/skill --sarif > report.sarif python3 scripts/scan.py /path/to/skill --sarif -o /path/to/output ### SARIF Features Full rule definitions for all 65 detection patterns CWE taxonomy references (MITRE CWE 4.14) Partial fingerprints for deduplication across runs Security severity scores (2.0-10.0 scale) Skill-shield metadata in run properties (ratings, recommendation) ### String Literal Context Detection Regex patterns and string constants inside security tools (scanners, auditors) are no longer flagged as dangerous code. The scanner now recognizes when a pattern like rm -rf or curl POST appears inside a string literal (quotes, regex, array) and reduces severity accordingly. ### Ignore-Next-Line Support Add # skill-shield: ignore-next-line above any line to suppress the next finding. Useful for known-safe patterns in security tools. ### Results 5 security audit tools reclassified from F to A/C/D (agents-skill-security-audit, ai-skill-scanner, skulk-skill-scanner, aoi-prompt-injection-sentinel, aoi-sandbox-shield-lite) 0 regressions on known-safe skills ### Security Rating (code safety) Based purely on dangerous code patterns found in executable files. Not affected by permission declarations. ### Compliance Rating (documentation quality) Based on permission declaration completeness: does SKILL.md declare the tools actually used in code? ### Recommendation Combines both ratings into an actionable recommendation: install — Security A/B + Compliance A/B install_with_review — Code is safe but permissions undeclared (likely poor docs, not malicious) review_required — Security patterns flagged do_not_install — Significant security concerns documentation_only — No executable code (pure SKILL.md guidance) ### False Positive Fixes (v0.3.0) JS template literals (backticks) no longer flagged as shell execution Variable names (hostname, whoami) no longer flagged as commands Shell script normal $VAR usage no longer floods findings os.environ.get("KEY") / process.env.KEY reduced severity (standard practice) --disable-setuid-sandbox (browser flag) reduced severity Documentation-only skills marked as N/A instead of getting A rating ### Exit Codes CodeRatingsMeaning0A, BSafe to install1C, DReview recommended2FDo not install ### Support Tips welcome: 0x6c730bDcfC762e23cE53aD991B75ab9852e87806 (Base) Moltbook: https://www.moltbook.com/u/Yuqian Twitter: @Yuqian0202 ## Trust - Source: tencent - Verification: Indexed source record - Publisher: yx2601816404-sys - Version: 0.6.1 ## Source health - Status: healthy - Item download looks usable. - Yavira can redirect you to the upstream package for this item. - Health scope: item - Reason: direct_download_ok - Checked at: 2026-04-29T15:26:23.667Z - Expires at: 2026-05-06T15:26:23.667Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/skill-shield) - [Send to Agent page](https://openagent3.xyz/skills/skill-shield/agent) - [JSON manifest](https://openagent3.xyz/skills/skill-shield/agent.json) - [Markdown brief](https://openagent3.xyz/skills/skill-shield/agent.md) - [Download page](https://openagent3.xyz/downloads/skill-shield)