security-skill-scanner

Security scanner for ClawdHub skills - detects suspicious patterns, manages whitelists, and monitors Moltbook for security threats.

7 stars

Best use case

security-skill-scanner is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Teams using security-skill-scanner should expect more consistent output, faster repeated execution, and less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

curl -o ~/.claude/skills/openclaw-skills-security-checker/SKILL.md --create-dirs "https://raw.githubusercontent.com/Demerzels-lab/elsamultiskillagent/main/public/skills/digitaladaption/openclaw-skills-security-checker/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/openclaw-skills-security-checker/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How security-skill-scanner Compares

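| Feature / Agent | security-skill-scanner | Standard Approach |
|-----------------|------------------------|-------------------|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |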

SKILL.md Source

# Security Skill Scanner

Scans ClawdHub skills for suspicious patterns, manages permission manifests, and monitors Moltbook for security threats.

## Features

- **Pattern Detection**: Scans SKILL.md files for credential theft, command injection, network exfil patterns
- **Whitelist Management**: Maintains list of known legitimate skills
- **Moltbook Monitoring**: Continuously monitors Moltbook for security discussions and scam alerts
- **Permission Manifests**: Generates and tracks skill permissions with Isnad chains
- **Daily Reports**: Automatic scanning with markdown/JSON reports

## Usage

### Scan All Skills
```bash
python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py
```

### Scan Specific Skill
```bash
python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py --skill nano-banana-pro
```

### Add to Whitelist
```bash
python3 /root/clawd/skills/security-skill-scanner/whitelist-manager.py add skill-name "reason for whitelist"
```

### Check Whitelist
```bash
python3 /root/clawd/skills/security-skill-scanner/whitelist-manager.py list
```

### Monitor Moltbook (One-shot)
```bash
bash /root/clawd/skills/security-skill-scanner/moltbook-monitor.sh
```

## Files

| File | Purpose |
|------|---------|
| `skill-scanner.py` | Main scanner with regex pattern detection |
| `whitelist-manager.py` | Manage false-positive whitelist |
| `moltbook-monitor.sh` | Moltbook security feed monitor |
| `permission-manager.py` | Generate skill permission manifests |
| `data/whitelist.json` | Whitelisted skills database |

## Patterns Detected

| Category | Patterns |
|----------|----------|
| Credential Theft | .env access, webhook.site, POST secrets |
| Command Injection | os.system, eval, shell=True, subprocess |
| Network Exfil | HTTP requests with Bearer tokens |
| Suspicious Downloads | wget, curl -O, remote scripts |

## Whitelisted Skills

These skills are known to be legitimate and are excluded from warnings:
- nano-banana-pro (Google Gemini)
- notion (Notion API)
- trello (Trello API)
- gog (Google Workspace)
- local-places (Google Places)
- bluebubbles (iMessage)
- weather (Weather API)
- And 5 more...

## Cron Jobs (Optional)

Add to crontab for automated scanning:
```bash
# Daily skill scan at 4 AM
0 4 * * * python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py >> /var/log/skill-scan.log 2>&1

# Moltbook monitor every 30 min
*/30 * * * * bash /root/clawd/skills/security-skill-scanner/moltbook-monitor.sh >> /var/log/moltbook-monitor.log 2>&1
```

## Pre-Install Hook (Block Suspicious Skills)

Install new skills with automatic security scanning that **BLOCKS** suspicious installations:

### Quick Install with Scan
```bash
# Interactive mode (asks before installing)
bash /root/clawd/skills/security-skill-scanner/install-skill.sh nano-banana-pro

# With force override (installs even if suspicious)
bash /root/clawd/skills/security-skill-scanner/install-skill.sh suspicious-skill --force

# Scan-only mode
python3 /root/clawd/skills/security-skill-scanner/install-hook.py skill-name --scan-only
```

### Integration with molthub

Add to your shell profile for automatic scanning on every install:

```bash
# Add to ~/.bashrc or ~/.zshrc
molthub() {
    if [ "$1" = "install" ] || [ "$1" = "add" ]; then
        python3 /root/clawd/skills/security-skill-scanner/install-hook.py "$2" --interactive
    else
        /home/linuxbrew/.linuxbrew/bin/molthub "$@"
    fi
}
```

Now every `molthub install <skill>` will be scanned first!

### What Happens

1. **Clean skill** → Installs normally ✅
2. **Whitelisted skill** → Installs normally ✅
3. **Suspicious skill** → **BLOCKED** with explanation 🚫
4. **Suspicious + --force** → Warns but installs ⚠️

### Example Output

```
🔒 Pre-Install Security Scan: nano-banana-pro
----------------------------------------------
Status: whitelisted
Action: allowed
✅ Scan passed - safe to install

🚀 Proceeding with installation...
✅ nano-banana-pro installed successfully
```

vs

```
🔒 Pre-Install Security Scan: weather-scam
----------------------------------------------
Status: suspicious
Action: blocked

🚨 THREATS DETECTED:
   🔴 [credential_theft] Access to .env file
      File: SKILL.md
   🔴 [network_exfil] HTTP requests with Bearer tokens
      File: scripts/steal_creds.py

❌ INSTALLATION BLOCKED

To override: python3 install-hook.py weather-scam --force
```
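
The pattern table and the four pre-install outcomes can be tied together in a few lines. The following is an added example, not the project's `skill-scanner.py` or `install-hook.py`: the regexes, the function names `scan_files` and `pre_install_decision`, the `forced` action label and the sample files are all assumptions made for illustration.

```python
import re

# Assumed regexes derived from the "Patterns Detected" table; the project's
# actual expressions are not shown on this page.
PATTERNS = {
    "credential_theft": [
        (r"(?<!\w)\.env\b", "Access to .env file"),
        (r"webhook\.site", "Data sent to webhook.site"),
    ],
    "command_injection": [
        (r"\bos\.system\s*\(", "os.system call"),
        (r"\beval\s*\(", "eval call"),
        (r"shell\s*=\s*True", "subprocess with shell=True"),
    ],
    "network_exfil": [
        (r"Authorization['\"]?\s*[:=].{0,40}Bearer", "HTTP requests with Bearer tokens"),
    ],
    "suspicious_download": [
        (r"\b(?:wget|curl\s+-O)\b[^\n]*https?://", "Remote file download"),
        (r"\bcurl\b[^\n|]*\|\s*(?:ba)?sh\b", "Remote script piped to a shell"),
    ],
}

def scan_files(files):
    """Return (category, description, filename) for every pattern hit."""
    return [(cat, desc, name)
            for name, text in files.items()
            for cat, rules in PATTERNS.items()
            for rx, desc in rules if re.search(rx, text, re.I)]

def pre_install_decision(skill, files, whitelist=(), force=False):
    """Reproduce the four outcomes listed under "What Happens"."""
    if skill in whitelist:
        return {"status": "whitelisted", "action": "allowed", "threats": []}
    threats = scan_files(files)
    if not threats:
        return {"status": "clean", "action": "allowed", "threats": []}
    action = "forced" if force else "blocked"
    return {"status": "suspicious", "action": action, "threats": threats}

# Constructed sample files modelled on the "weather-scam" output above.
SAMPLE = {
    "SKILL.md": "Setup: copy your API key from ~/.env before the first run.\n",
    "scripts/steal_creds.py": "import requests\n"
        "requests.post(url, headers={'Authorization': 'Bearer ' + token})\n",
}

if __name__ == "__main__":
    print(pre_install_decision("weather-scam", SAMPLE))
```

In this sketch the whitelist is keyed on the skill name alone, so a whitelisted entry is never scanned; recording a content hash next to the name keeps an allow decision tied to the files that were actually reviewed.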

## Reports

- `/tmp/security-scanner/scan-report.md` - Human-readable scan results
- `/tmp/security-scanner/scan-results.json` - Structured JSON output
- `/tmp/security-scanner/moltbook-scan.log` - Moltbook monitoring log

## Integration

Import as a module:
```python
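import importlib.util

# skill-scanner.py is hyphenated, so load it by path rather than with `import`.
path = "/root/clawd/skills/security-skill-scanner/skill-scanner.py"
spec = importlib.util.spec_from_file_location("skill_scanner", path)
skill_scanner = importlib.util.module_from_spec(spec)
spec.loader.exec_module(skill_scanner)
scanner = skill_scanner.RegexScanner()
results = scanner.scan_all_skills()
print(f"Found {results['threats_found']} threats")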
```

Related Skills

security-operator

7
from Demerzels-lab/elsamultiskillagent

Runtime security guardrails for OpenClaw agents.

security-checker

7
from Demerzels-lab/elsamultiskillagent

Security scanner for Python skills before publishing to ClawHub.

security-auditor

7
from Demerzels-lab/elsamultiskillagent

Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.

tech-security-audit

7
from Demerzels-lab/elsamultiskillagent

This skill integrates Nmap scanning functionality to perform local network vulnerability assessments.

go-security-vulnerability

7
from Demerzels-lab/elsamultiskillagent

Identify, assess, and fix security vulnerabilities in Go modules using govulncheck. Handle common vulnerabilities like JWT issues and ensure application stability during fixes.

Security Joes AI Analyst

7
from Demerzels-lab/elsamultiskillagent

SecOps checks for endpoints: EDR, Sysmon, updates, EVTX on heartbeat, least privilege, network visibility, credential protection (Kerberos/NTLM/pass-the-hash), device inventory and known vulnerabilities, weekly assessment, and skill integrity (hash-on-wake, version-aware). Use when implementing or reviewing host posture, heartbeat logic, EDR/Sysmon/EVTX, privilege, network exposure, credential hardening, vuln assessment, weekly SecOps review, or skill compromise checks.

skill-scanner

7
from Demerzels-lab/elsamultiskillagent

Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, scan for credential exfiltration, detect prompt injection, or review skill security. Triggers on security audit, skill safety check, malware scan, or trust verification.

Heimdall - Security Scanner for AI Agent Skills

7
from Demerzels-lab/elsamultiskillagent

Scan OpenClaw skills for malicious patterns before installation. Context-aware scanning with AI-powered narrative analysis.

security-suite

7
from Demerzels-lab/elsamultiskillagent

Advanced security validation: pattern detection, command sanitization.

security

7
from Demerzels-lab/elsamultiskillagent

Advanced security validation for Clawdbot - pattern detection, command sanitization, and threat monitoring

ultimate-fork-and-skill-scanner

7
from Demerzels-lab/elsamultiskillagent

Scan GitHub forks and ClawHub skills for valuable changes, innovations, and enhancements.

fork-and-skill-scanner-ultimate

7
from Demerzels-lab/elsamultiskillagent

Scan 1,000 GitHub forks per run.