{
  "schemaVersion": "1.0",
  "item": {
    "slug": "skillguard-scanner",
    "name": "SkillGuard Scanner",
    "source": "tencent",
    "type": "skill",
    "category": "安全合规",
    "sourceUrl": "https://clawhub.ai/msgnoki/skillguard-scanner",
    "canonicalUrl": "https://clawhub.ai/msgnoki/skillguard-scanner",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadMode": "redirect",
    "downloadUrl": "/downloads/skillguard-scanner",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=skillguard-scanner",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "installMethod": "Manual import",
    "extraction": "Extract archive",
    "prerequisites": [
      "OpenClaw"
    ],
    "packageFormat": "ZIP package",
    "includedAssets": [
      "CHANGELOG.md",
      "SKILL.md",
      "references/threat-landscape.md",
      "scripts/scanner.py"
    ],
    "primaryDoc": "SKILL.md",
    "quickSetup": [
      "Download the package from Yavira.",
      "Extract the archive and review SKILL.md first.",
      "Import or place the package into your OpenClaw setup."
    ],
    "agentAssist": {
      "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
      "steps": [
        "Download the package from Yavira.",
        "Extract it into a folder your agent can access.",
        "Paste one of the prompts below and point your agent at the extracted folder."
      ],
      "prompts": [
        {
          "label": "New install",
          "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete."
        },
        {
          "label": "Upgrade existing",
          "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run."
        }
      ]
    },
    "sourceHealth": {
      "source": "tencent",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-23T16:43:11.935Z",
      "expiresAt": "2026-04-30T16:43:11.935Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard",
        "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"",
        "redirectLocation": null,
        "bodySnippet": null
      },
      "scope": "source",
      "summary": "Source download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this source.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/skillguard-scanner"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    },
    "downloadPageUrl": "https://openagent3.xyz/downloads/skillguard-scanner",
    "agentPageUrl": "https://openagent3.xyz/skills/skillguard-scanner/agent",
    "manifestUrl": "https://openagent3.xyz/skills/skillguard-scanner/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/skillguard-scanner/agent.md"
  },
  "agentAssist": {
    "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
    "steps": [
      "Download the package from Yavira.",
      "Extract it into a folder your agent can access.",
      "Paste one of the prompts below and point your agent at the extracted folder."
    ],
    "prompts": [
      {
        "label": "New install",
        "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete."
      },
      {
        "label": "Upgrade existing",
        "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run."
      }
    ]
  },
  "documentation": {
    "source": "clawhub",
    "primaryDoc": "SKILL.md",
    "sections": [
      {
        "title": "SkillGuard — Skill Security Scanner",
        "body": "Scan OpenClaw skills for security threats before they compromise your system."
      },
      {
        "title": "Scan all installed skills",
        "body": "python3 {scripts}/scanner.py"
      },
      {
        "title": "Scan a single skill",
        "body": "python3 {scripts}/scanner.py --skill <skill-name>"
      },
      {
        "title": "Check a skill name for typosquatting",
        "body": "python3 {scripts}/scanner.py --check-name <name>"
      },
      {
        "title": "Scan from ClawHub before installing",
        "body": "python3 {scripts}/scanner.py --fetch-clawhub <skill-name>"
      },
      {
        "title": "Critical Threats",
        "body": "Reverse shells — nc -e, bash -i >& /dev/tcp, ncat, mkfifo\nCode obfuscation — base64 -d | bash, eval(), exec() with encoded payloads"
      },
      {
        "title": "High Threats",
        "body": "Suspicious URLs — webhook.site, glot.io, ngrok.io, pastebin.com\nMemory poisoning — Instructions to write to SOUL.md, MEMORY.md, AGENTS.md\nMalicious prerequisites — Download instructions in docs (the ClawHavoc attack vector)"
      },
      {
        "title": "Medium Threats",
        "body": "Credential access — Patterns accessing .env, API keys, tokens, SSH keys\nData exfiltration — Outbound HTTP POST/PUT with sensitive data\nHardcoded IPs — Public IPs embedded in code\nTyposquatting — Skill names similar to popular/known skills (Levenshtein ≤ 2)\nCrypto wallet access — Seed phrases, private keys, wallet patterns"
      },
      {
        "title": "Low Threats",
        "body": "Shell execution — subprocess, os.system, child_process (common but worth noting)"
      },
      {
        "title": "Risk Levels",
        "body": "🔴 CRITICAL (≥50) — Do NOT install. Likely malicious.\n🟠 HIGH (25-49) — Review manually before installing. Multiple suspicious patterns.\n🟡 MEDIUM (10-24) — Some flags, likely false positives but worth checking.\n🟢 LOW (1-9) — Minor flags, generally safe.\n✅ CLEAN (0) — No issues detected."
      },
      {
        "title": "False Positive Likelihood",
        "body": "Each finding includes a FP estimate (low/medium/high):\n\nlow — Likely a real threat\nmedium — Could be legitimate, review context\nhigh — Probably benign (e.g., security tool referencing attack patterns, search tool using fetch)"
      },
      {
        "title": "Workflow: Before Installing a Skill",
        "body": "Run python3 {scripts}/scanner.py --fetch-clawhub <skill-name> (requires clawhub CLI)\nReview the report — anything CRITICAL or HIGH with low FP = reject\nIf CLEAN or LOW only → safe to install\nIf MEDIUM → skim the flagged files manually"
      },
      {
        "title": "Output",
        "body": "Console summary with emoji risk levels\nJSON report saved to {baseDir}/../data/scan_results.json (configurable via --json-out)"
      },
      {
        "title": "Context: Why This Matters",
        "body": "As of February 2026, 341 malicious skills were found on ClawHub (Koi Security / ClawHavoc campaign), distributing Atomic Stealer malware via fake prerequisites. OpenClaw has 512 known vulnerabilities (Kaspersky audit). There is no official skill vetting process. SkillGuard fills this gap.\n\nSee references/threat-landscape.md for detailed background."
      }
    ],
    "body": "SkillGuard — Skill Security Scanner\n\nScan OpenClaw skills for security threats before they compromise your system.\n\nQuick Start\nScan all installed skills\npython3 {scripts}/scanner.py\n\nScan a single skill\npython3 {scripts}/scanner.py --skill <skill-name>\n\nCheck a skill name for typosquatting\npython3 {scripts}/scanner.py --check-name <name>\n\nScan from ClawHub before installing\npython3 {scripts}/scanner.py --fetch-clawhub <skill-name>\n\nWhat It Detects\nCritical Threats\nReverse shells — nc -e, bash -i >& /dev/tcp, ncat, mkfifo\nCode obfuscation — base64 -d | bash, eval(), exec() with encoded payloads\nHigh Threats\nSuspicious URLs — webhook.site, glot.io, ngrok.io, pastebin.com\nMemory poisoning — Instructions to write to SOUL.md, MEMORY.md, AGENTS.md\nMalicious prerequisites — Download instructions in docs (the ClawHavoc attack vector)\nMedium Threats\nCredential access — Patterns accessing .env, API keys, tokens, SSH keys\nData exfiltration — Outbound HTTP POST/PUT with sensitive data\nHardcoded IPs — Public IPs embedded in code\nTyposquatting — Skill names similar to popular/known skills (Levenshtein ≤ 2)\nCrypto wallet access — Seed phrases, private keys, wallet patterns\nLow Threats\nShell execution — subprocess, os.system, child_process (common but worth noting)\nInterpreting Results\nRisk Levels\n🔴 CRITICAL (≥50) — Do NOT install. Likely malicious.\n🟠 HIGH (25-49) — Review manually before installing. Multiple suspicious patterns.\n🟡 MEDIUM (10-24) — Some flags, likely false positives but worth checking.\n🟢 LOW (1-9) — Minor flags, generally safe.\n✅ CLEAN (0) — No issues detected.\nFalse Positive Likelihood\n\nEach finding includes a FP estimate (low/medium/high):\n\nlow — Likely a real threat\nmedium — Could be legitimate, review context\nhigh — Probably benign (e.g., security tool referencing attack patterns, search tool using fetch)\nWorkflow: Before Installing a Skill\nRun python3 {scripts}/scanner.py --fetch-clawhub <skill-name> (requires clawhub CLI)\nReview the report — anything CRITICAL or HIGH with low FP = reject\nIf CLEAN or LOW only → safe to install\nIf MEDIUM → skim the flagged files manually\nOutput\nConsole summary with emoji risk levels\nJSON report saved to {baseDir}/../data/scan_results.json (configurable via --json-out)\nContext: Why This Matters\n\nAs of February 2026, 341 malicious skills were found on ClawHub (Koi Security / ClawHavoc campaign), distributing Atomic Stealer malware via fake prerequisites. OpenClaw has 512 known vulnerabilities (Kaspersky audit). There is no official skill vetting process. SkillGuard fills this gap.\n\nSee references/threat-landscape.md for detailed background."
  },
  "trust": {
    "sourceLabel": "tencent",
    "provenanceUrl": "https://clawhub.ai/msgnoki/skillguard-scanner",
    "publisherUrl": "https://clawhub.ai/msgnoki/skillguard-scanner",
    "owner": "msgnoki",
    "version": "1.1.0",
    "license": null,
    "verificationStatus": "Indexed source record"
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/skillguard-scanner",
    "downloadUrl": "https://openagent3.xyz/downloads/skillguard-scanner",
    "agentUrl": "https://openagent3.xyz/skills/skillguard-scanner/agent",
    "manifestUrl": "https://openagent3.xyz/skills/skillguard-scanner/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/skillguard-scanner/agent.md"
  }
}