playbooks

home / skills / openclaw / skills / skill-scanner

skill-scanner skill

/skills/bvinci1-design/skill-scanner

This skill scans Clawdbot/MCP skills for malware and backdoors, delivering security reports to prevent risky installations.

npx playbooks add skill openclaw/skills --skill skill-scanner

Review the files below or copy the command above to add this skill to your agents.

Files (5)
SKILL.md
1.4 KB
---
name: skill-scanner
description: Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.
---

# Skill Scanner

Security audit tool for Clawdbot/MCP skills - scans for malware, spyware, crypto-mining, and malicious patterns.

## Capabilities
- Scan skill folders for security threats
- Detect data exfiltration patterns
- Identify system modification attempts
- Catch crypto-mining indicators
- Flag arbitrary code execution risks
- Find backdoors and obfuscation techniques
- Output reports in Markdown or JSON format
- Provide Web UI via Streamlit

## Usage

### Command Line
```bash
python skill_scanner.py /path/to/skill-folder
```

### Within Clawdbot
```
"Scan the [skill-name] skill for security issues using skill-scanner"
"Use skill-scanner to check the youtube-watcher skill"
"Run a security audit on the remotion skill"
```

### Web UI
```bash
pip install streamlit
streamlit run streamlit_ui.py
```

## Requirements
- Python 3.7+
- No additional dependencies (uses Python standard library)
- Streamlit (optional, for Web UI)

## Entry Point
- **CLI:** `skill_scanner.py`
- **Web UI:** `streamlit_ui.py`

## Tags
#security #malware #spyware #crypto-mining #scanner #audit #code-analysis #mcp #clawdbot #agent-skills #safety #threat-detection #vulnerability

Overview

This skill scans Clawdbot and MCP skills for malware, spyware, crypto-miners, and other malicious code patterns before installation. It is a lightweight security audit tool that flags data exfiltration, system modification attempts, backdoors, and obfuscation techniques. Reports are produced in Markdown or JSON, and an optional Streamlit Web UI is available for interactive review.

How this skill works

The scanner inspects skill folders and static code for known malicious signatures, risky API calls, suspicious file operations, and obfuscation patterns. It looks for indicators of data exfiltration, arbitrary code execution vectors, crypto-mining routines, and hidden backdoors. The tool summarizes findings with severity levels and provides a machine-readable JSON report plus a human-friendly Markdown output. For convenience, a Streamlit front end displays results and highlights problematic files and lines.

When to use it

  • Before installing or enabling a third-party Clawdbot/MCP skill
  • When reviewing archived skill versions from a collection or backup
  • As part of a CI pipeline to catch regressions or new risky behavior
  • When auditing skills that request system or network access
  • After receiving a security tip or user report about suspicious behavior

Best practices

  • Run the scanner on the entire skill folder, including nested modules and dependencies
  • Combine static scan results with manual code review for high-risk findings
  • Treat obfuscated code and unexplained network calls as high priority
  • Keep an isolated analysis environment to avoid executing untrusted code
  • Use the JSON output for automated alerts and the Markdown report for human review

Example use cases

  • Audit a newly downloaded youtube-watcher skill before activation
  • Scan archived versions of a skill to find when a malicious change was introduced
  • Integrate the scanner into pre-deployment checks for community-contributed skills
  • Triage a reported backdoor by locating suspicious import/use patterns
  • Identify hidden crypto-mining indicators in a bundled dependency

FAQ

Does the scanner run code dynamically?

No. The primary analysis is static to avoid executing untrusted code. It searches code and configuration for risky patterns and indicators.

What outputs are available?

The tool generates machine-readable JSON for automation and Markdown reports for human review. A Streamlit UI can display results interactively.