# Send Yoder Skill Auditor to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "yoder-skill-auditor", "name": "Yoder Skill Auditor", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/yoder-bawt/yoder-skill-auditor", "canonicalUrl": "https://clawhub.ai/yoder-bawt/yoder-skill-auditor", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/yoder-skill-auditor", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=yoder-skill-auditor", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "CHANGELOG.md", "SKILL.md", "TEST-FIXTURES-WARNING.md", "allowlist.json", "audit-all.sh", "audit.sh" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "slug": "yoder-skill-auditor", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-29T18:47:38.642Z", "expiresAt": "2026-05-06T18:47:38.642Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=yoder-skill-auditor", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=yoder-skill-auditor", "contentDisposition": "attachment; filename=\"yoder-skill-auditor-3.1.0.zip\"", "redirectLocation": null, "bodySnippet": null, "slug": "yoder-skill-auditor" }, "scope": "item", "summary": "Item download looks usable.", "detail": "Yavira can redirect you to the upstream package for this item.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/yoder-skill-auditor" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/yoder-skill-auditor", "downloadUrl": "https://openagent3.xyz/downloads/yoder-skill-auditor", "agentUrl": "https://openagent3.xyz/skills/yoder-skill-auditor/agent", "manifestUrl": "https://openagent3.xyz/skills/yoder-skill-auditor/agent.json", "briefUrl": "https://openagent3.xyz/skills/yoder-skill-auditor/agent.md" } } ``` ## Documentation ### Skill Auditor v3.1.0 The definitive security scanner for OpenClaw/ClawHub skills. Best-in-class detection across 18 security checks including prompt injection detection — the first scanner to catch agent manipulation attacks in skill documentation. 5-dimension trust scoring, trend tracking, diff analysis, and benchmarking. Zero false positives on legitimate skills. ### When to Activate Installing a new skill from ClawHub - run inspect.sh for full pre-install validation Auditing existing skills - use audit.sh to scan any skill directory Generating trust scores - use trust_score.py for 0-100 rating across 5 dimensions Comparing skills - use trust_score.py --compare for side-by-side analysis Tracking improvements - use trust_score.py --save-trend to monitor score over time Reviewing updates - use diff-audit.sh to compare before/after versions Batch scanning - use audit-all.sh or benchmark.sh for fleet-wide analysis ### Quick Start # Audit a single skill bash audit.sh /path/to/skill # Trust score (0-100 across 5 dimensions) python3 trust_score.py /path/to/skill # Compare two skills side by side python3 trust_score.py /path/to/skill1 --compare /path/to/skill2 # Track score over time python3 trust_score.py /path/to/skill --save-trend python3 trust_score.py /path/to/skill --trend # Diff audit (before/after update) bash diff-audit.sh /path/to/old-version /path/to/new-version # Benchmark against a corpus bash benchmark.sh /path/to/skills-dir # Inspect a ClawHub skill before installing bash inspect.sh skill-slug # Audit all installed skills bash audit-all.sh # Generate a markdown report bash report.sh # Run test suite (28 assertions) bash test.sh ### Guardrails / Anti-Patterns DO: ✓ Always audit skills before installing from untrusted sources ✓ Review trust scores - reject skills scoring below 60 (D grade) ✓ Use diff-audit.sh when updating skills to catch regressions ✓ Use --json output for CI/CD pipeline integration ✓ Run --save-trend periodically to track skill health DON'T: ✗ Install skills scoring below 40 (F grade) without extensive manual review ✗ Ignore CRITICAL findings - they indicate potential security threats ✗ Blindly add skills to allowlist without understanding why they access credentials ✗ Skip audit because a skill is "popular" or "official" ### Security Checks (18 total) #CheckSeverityDescription1credential-harvestCRITICALScripts reading API keys/tokens AND making network calls2exfiltration-urlCRITICALwebhook.site, requestbin, ngrok URLs in scripts3obfuscated-payloadCRITICALBase64-encoded URLs or shell commands4sensitive-fsCRITICAL/etc/passwd, ~/.ssh, ~/.aws/credentials access5crypto-walletCRITICALHardcoded ETH/BTC wallet addresses (drain attacks)6dependency-confusionCRITICALInternal/private-scoped packages in public deps7typosquattingCRITICALMisspelled package names (lodahs, requets, etc.)8symlink-attackCRITICALSymlinks targeting sensitive system paths9code-executionWARNINGeval(), exec(), subprocess patterns10time-bombWARNINGDate/time comparisons that could trigger delayed payloads11telemetry-detectedWARNINGAnalytics SDKs, tracking pixels, phone-home behavior12excessive-permissionsWARNING>15 bins/env/config items requested13unusual-portsWARNINGNetwork calls to non-standard ports14prompt-injectionCRITICALAgent manipulation in docs: "ignore instructions", role hijacking, hidden HTML directives15download-executeCRITICALcurl|bash, wget|sh, eval $(curl), unsafe pip/npm installs16hidden-fileWARNINGSuspicious dotfiles that may hide malicious content17env-exfiltrationCRITICALReading sensitive env vars + outbound network calls18privilege-escalationCRITICALsudo, chmod 777/setuid, writes to system paths Context-aware: credential mentions in documentation are INFO, not CRITICAL. ### Trust Score (5 Dimensions) DimensionMaxWhat's MeasuredSecurity35Audit findings (criticals = -18, warnings = -4)Quality22Description, version, usage docs, examples, metadata, changelogStructure18File organization, tests, README, reasonable scopeTransparency15License, no minified code, code commentsBehavioral10Rate limiting, error handling, input validation Grades: A (90+), B (75+), C (60+), D (40+), F (<40) ### Comparative Scoring python3 trust_score.py /path/to/skill-a --compare /path/to/skill-b Shows per-dimension deltas and overall score difference. ### Trend Tracking python3 trust_score.py /path/to/skill --save-trend # Record score python3 trust_score.py /path/to/skill --trend # View history Stores up to 50 entries per skill in trust_trends.json. ### Tools FilePurposeaudit.shSingle skill security audit (18 checks)audit-all.shBatch scan all installed skillstrust_score.pyTrust score calculator (5-dimension, 0-100)diff-audit.shCompare skill versions for security regressionsbenchmark.shCorpus-wide audit with aggregate statisticsinspect.shClawHub pre-install workflowreport.shMarkdown report generatortest.shAutomated test suite (28 assertions, 12 test skills)allowlist.jsonKnown-good credential skills ### Test Suite 12 test skills (8 malicious, 4 clean) with 28 automated assertions: bash test.sh Malicious fixtures: credential harvest, obfuscated payload, sensitive fs reads, crypto wallets, time bombs, symlink attacks, prompt injection, download-execute, privilege escalation. Clean fixtures: basic skill, credential docs (false positive check), network skill, dotfiles skill. ### Exit Codes 0: PASS / safe to install 1: REVIEW / warnings found 2: FAIL / critical issues 3: Error / bad input ### Changelog See CHANGELOG.md for full version history. ## Trust - Source: tencent - Verification: Indexed source record - Publisher: yoder-bawt - Version: 3.1.0 ## Source health - Status: healthy - Item download looks usable. - Yavira can redirect you to the upstream package for this item. - Health scope: item - Reason: direct_download_ok - Checked at: 2026-04-29T18:47:38.642Z - Expires at: 2026-05-06T18:47:38.642Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/yoder-skill-auditor) - [Send to Agent page](https://openagent3.xyz/skills/yoder-skill-auditor/agent) - [JSON manifest](https://openagent3.xyz/skills/yoder-skill-auditor/agent.json) - [Markdown brief](https://openagent3.xyz/skills/yoder-skill-auditor/agent.md) - [Download page](https://openagent3.xyz/downloads/yoder-skill-auditor)