Skills

skill-security-auditor

Installation
SKILL.md

Skill Security Auditor

Description

The Skill Security Auditor is a command-line tool that performs pattern-based security analysis of ClawHub skills before installation. Given the recent discovery of 341+ malicious skills (ClawHavoc campaign) that distributed Atomic Stealer (AMOS) and stole cryptocurrency credentials, this tool provides essential pre-installation threat detection.

What this skill provides:

  • ✅ Bash script (analyze-skill.sh) for local security analysis
  • ✅ Threat intelligence database (patterns/malicious-patterns.json)
  • ✅ Pattern matching against 20+ known malicious indicators
  • ✅ Risk scoring system (0-100 scale)
  • ✅ Detailed audit reports with recommendations

How to use it:

  1. Install this skill from ClawHub
  2. Run the analyze-skill.sh script against any skill (by slug or local file)
  3. Review the risk assessment and findings
  4. Make informed decision about installation
Installs
3
Repository
openclaw/skills
GitHub Stars
4.5K
First Seen
Mar 8, 2026
Security Audits
Gen Agent Trust HubPass
SocketFail
SnykWarn
skill-security-auditor — openclaw/skills