SkillGuard — Security Scanner for OpenClaw Skills

Scans OpenClaw skills for security threats before installation. Catches agent-specific attacks that generic antivirus misses.

Usage

CODEBLOCK0

What It Detects

1. 1. Credential Access — reads of config files, env vars, wallet files, API keys
2. Network Exfiltration — outbound HTTP calls, encoded payloads, suspicious domains
3. File System Abuse — path traversal, writes outside skill directory, hidden files
4. Prompt Injection — SKILL.md content that manipulates agent behavior
5. Dependency Risks — suspicious npm post-install scripts, known bad packages
6. Obfuscation — extremely long lines, hex/unicode escape sequences
7. Symlink Attacks — symlinks escaping the skill directory to access sensitive files
8. Config File Secrets — hardcoded credentials in .json, .env, .yaml files

Output

Each scan produces:

• - Risk Score: 0-100 (0 = clean, 100 = critical threat)
• Verdict: PASS / WARN / FAIL
• Findings: Detailed list of issues with severity and evidence