skill-scan
✓Security scanner for OpenClaw skill packages. Scans skills for malicious code, evasion techniques, prompt injection, and misaligned behavior BEFORE installation. Use to audit any skill from ClawHub or local directories.
Installation
SKILL.md
Multi-layered security scanner for OpenClaw skill packages. Detects malicious code, evasion techniques, prompt injection, and misaligned behavior through static analysis and optional LLM-powered deep inspection. Run this BEFORE installing or enabling any untrusted skill.
| LOW | 80-100 | Safe to install | | MEDIUM | 50-79 | Review findings before installing | | HIGH | 20-49 | Do NOT install — serious threats detected | | CRITICAL | 0-19 | Do NOT install — multiple critical threats |
When the user asks to install a skill from ClawHub, follow this workflow:
Security scanner for OpenClaw skill packages. Scans skills for malicious code, evasion techniques, prompt injection, and misaligned behavior BEFORE installation. Use to audit any skill from ClawHub or local directories. Source: dgriffin831/clawhub-skills.
Facts (cite-ready)
Stable fields and commands for AI/search citations.
- Install command
npx skills add https://github.com/dgriffin831/clawhub-skills --skill skill-scan- Category
- !Security
- Verified
- ✓
- First Seen
- 2026-02-17
- Updated
- 2026-02-18
Quick answers
What is skill-scan?
Security scanner for OpenClaw skill packages. Scans skills for malicious code, evasion techniques, prompt injection, and misaligned behavior BEFORE installation. Use to audit any skill from ClawHub or local directories. Source: dgriffin831/clawhub-skills.
How do I install skill-scan?
Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.) Copy and run this command: npx skills add https://github.com/dgriffin831/clawhub-skills --skill skill-scan Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code or Cursor
Where is the source repository?
https://github.com/dgriffin831/clawhub-skills