Skill Scanner

Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.

تثبيت
$clawhub install skill-scanner

Skill Scanner

Security audit tool for Clawdbot/MCP skills - scans for malware, spyware, crypto-mining, and malicious patterns.

Capabilities

  • Scan skill folders for security threats

  • Detect data exfiltration patterns

  • Identify system modification attempts

  • Catch crypto-mining indicators

  • Flag arbitrary code execution risks

  • Find backdoors and obfuscation techniques

  • Output reports in Markdown or JSON format

  • Provide Web UI via Streamlit

Usage

Command Line

python skill_scanner.py /path/to/skill-folder

Within Clawdbot

"Scan the [skill-name] skill for security issues using skill-scanner"
"Use skill-scanner to check the youtube-watcher skill"
"Run a security audit on the remotion skill"

Web UI

pip install streamlit
streamlit run streamlit_ui.py

Requirements

  • Python 3.7+

  • No additional dependencies (uses Python standard library)

  • Streamlit (optional, for Web UI)

Entry Point

  • CLI: skill_scanner.py

  • Web UI: streamlit_ui.py

Tags

security #malware #spyware #crypto-mining #scanner #audit #code-analysis #mcp #clawdbot #agent-skills #safety #threat-detection #vulnerability

التفاصيل

الإصدار
v0.1.2
التنزيلات
5,221
النجوم
14
ClawHub
عرض على ClawHub

Skills شائعة

Wed 1.0.1
What Would Elon Do? - Transform any idea into a ruthless execution plan. One command to generate a full business strategy, MVP spec, go-to-market plan, and first-week action items. Think bigger. Move faster. /wed 'your idea'
WooCommerce
WooCommerce REST API integration with managed OAuth. Access products, orders, customers, coupons, shipping, taxes, reports, and webhooks. Use this skill when users want to manage e-commerce operations, process orders, or integrate with WooCommerce stores. For other third party apps, use the api-gateway skill (https://clawhub.ai/byungkyu/api-gateway).
ByteRover
You MUST use this for gathering contexts before any work. This is a Knowledge management for AI agents. Use `brv` to store and retrieve project patterns, decisions, and architectural rules in .brv/context-tree. Uses a configured LLM provider (default: ByteRover, no API key needed) for query and curate operations.