Security scanner for OpenClaw skills. Detects credential leaks, data exfiltration patterns, and dangerous code execution.
Skills are unsigned binaries. Before installing any skill, scan it for malicious patterns.
# Scan a skill directory
python3 scan.py /path/to/skill
# JSON output (for programmatic use)
python3 scan.py /path/to/skill --json🔴 HIGH Risk:
- Hardcoded credentials (API keys, secrets, tokens)
- Environment variable credential access
- Outbound HTTP requests (data exfiltration)
eval()/exec()(code injection)- Shell injection patterns
🟡 MEDIUM Risk:
- System file access (
/etc/) os.system(),os.popen()calls- Dynamic imports
- Pickle deserialization
🟢 LOW Risk:
- TODO/FIXME markers
- Potential credential logging
.envfile usage
Each skill gets a score 0-100:
- 80-100: ✅ Low risk
- 50-79:
⚠️ Medium risk - 0-49: 🚨 High risk - review carefully
============================================================
SkillGuard Security Scan: ./my-skill
============================================================
Trust Score: 65/100 ⚠️ MEDIUM RISK
Findings (2):
🔴 [HIGH] Environment credential access
File: ./my-skill/main.py:15
Context: api_key = os.environ.get('SECRET_API_KEY')
🟡 [MEDIUM] System command execution
File: ./my-skill/install.sh:8
Context: os.system(f"chmod +x {script}")
============================================================
python3 test_scan.py- Pattern-based detection (not full static analysis)
- May have false positives/negatives
- Doesn't catch obfuscated malware
MIT - Use freely, contribute back.
Built by @braindiff in response to the ClawdHub security incident.