Skill Auditor Pro

审查 ClawHub skills 的安全性,检测恶意代码、可疑模式和社工攻击。在安装任何第三方 skill 前使用此工具进行安全检查。

Install
$clawhub install skill-auditor-pro

Skill Auditor 🔍

Audit ClawHub skills for security threats before installing them.

Triggers

Use this skill when:

  • "Audit this skill"

  • "Check skill security"

  • Before installing any third-party skill

Usage


# Inspect without installing
clawhub inspect <skill-name>

# Run the audit script
~/.openclaw/workspace/skills/skill-auditor/scripts/audit.sh <skill-name>

Method 2: Audit an installed skill

~/.openclaw/workspace/skills/skill-auditor/scripts/audit.sh --local <skill-path>

Detection Layers

L1: Pattern Matching

Severity Pattern Risk
🔴 High `base64.*\ .*bash`
🔴 High `curl.*\ .*bash`
🔴 High eval\( / exec\( Dynamic code execution
🔴 High Known C2 server IPs Malicious communication
🟡 Medium Access to ~/.openclaw/ Config theft
🟡 Medium Reads $API_KEY etc. Credential leakage
🟡 Medium Social engineering keywords User deception
🟢 Low Requires sudo Elevated privileges

L2: Deobfuscation

Automatically decodes hidden malicious payloads:

  • Base64 — Decodes and scans for hidden commands

  • Hex — Decodes \x41\x42 format strings

  • Checks decoded content for C2 servers and dangerous commands

L3: LLM Analysis (optional)

Uses Gemini CLI to analyze suspicious code intent:

  • Semantic understanding beyond pattern matching

  • Detects novel/unknown threats

  • Requires gemini CLI installed

Known Indicators of Compromise (IoC)

C2 Server IPs

91.92.242.30  # ClawHavoc primary server

Malicious Domains

glot.io       # Hosts obfuscated scripts
webhook.site  # Data exfiltration endpoint

Social Engineering Keywords

OpenClawDriver    # Non-existent "driver"
ClawdBot Driver   # Social engineering lure
Required Driver   # Tricks users into installing malware

Output Format

═══════════════════════════════════════════
  SKILL AUDIT REPORT: <skill-name>
═══════════════════════════════════════════

🔴 HIGH RISK FINDINGS:
   [LINE 23] base64 encoded execution detected
   [LINE 45] curl|bash pattern found

🟡 MEDIUM RISK FINDINGS:
   [LINE 12] Accesses ~/.openclaw/ directory

🟢 LOW RISK FINDINGS:
   [LINE 5] Requires sudo for installation

═══════════════════════════════════════════
  VERDICT: ❌ DO NOT INSTALL
═══════════════════════════════════════════

Best Practices

  1. Always audit before install — Never skip the security check

  2. Trust no skill blindly — Including highly starred or popular ones

  3. Check updates — Skill updates may introduce malicious code

  4. Report suspicious skills — Send to [email protected]

Maintenance

Update this skill when new threats are discovered:

  1. New malicious IP → Add to MALICIOUS_IPS

  2. New malicious domain → Add to MALICIOUS_DOMAINS

  3. New social engineering lure → Add to SOCIAL_ENGINEERING

  4. New attack pattern → Add regex detection

Update location: variable definitions at the top of scripts/audit.sh

References

Details

Version
v2.1.1
Downloads
1,268
Stars
2
ClawHub
View on ClawHub

Popular Skills

Fastest Browser Use
High-performance browser automation for heavy scraping, multi-tab management, and precise DOM extraction. Use this when you need speed, reliability, or advanced state management (cookies/local storage) beyond standard web fetching.
Web Search by Exa
Neural web search, content extraction, company and people research, code search, and deep research via the Exa MCP server. Use when you need to: (1) search the web with semantic understanding — not just keywords, (2) find research papers, news, tweets, companies, or people, (3) extract clean content from URLs, (4) find semantically similar pages to a known URL, (5) get code examples and documentation, (6) run deep multi-step research with a report, (7) get a quick synthesized answer with citations. NOT for: local file operations, non-web tasks, or anything that doesn't involve web search or content retrieval.
x-twitter
Interact with Twitter/X — read tweets, search, post, like, retweet, and manage your timeline.