TopRank Skills
Home / Claw Skills / Document / claw-secure-auditor
Official OpenClaw rules 36%

claw-secure-auditor

Security audit tool for ClawHub/OpenClaw skills (static analysis + reputation scoring)

View Source SKILL.md

Stars

0

Installs

0

Status

ACTIVE

Visibility

PUBLIC

安装方式

直接复制以下提示词,发送给你的 AI 助手即可完成安装。

请先检查是否已安装 SkillHub 商店,若未安装,请根据 https://skillhub-1388575217.cos.ap-guangzhou.myqcloud.com/install/skillhub.md 安装 SkillHub 商店,然后安装 claw-secure-auditor 技能。 若已安装,则直接安装 claw-secure-auditor 技能。

Overview

Skill Key
emeraldring3134-netizen/claw-secure-auditor
Author
emeraldring3134-netizen
Source Repo
openclaw/skills
Version
1.1.1
Source Path
skills/emeraldring3134-netizen/claw-secure-auditor
Latest Commit SHA
fe25b6d7e9143242d3dc04fdeb26165850ff5da7

Extracted Content

SKILL.md excerpt

# 🛡️ Claw Secure Auditor v1.1.1

Security audit tool for ClawHub/OpenClaw skills with static analysis and reputation scoring.

---

## 🚀 Quick Start

### 1. Configure (optional)

```bash
export VIRUSTOTAL_API_KEY="your-api-key-here"
```

### 2. Use

```bash
# Quick audit (static + reputation)
python3 scripts/auditor.py quick ./my-skill

# Full audit (static + sandbox + VirusTotal)
python3 scripts/auditor.py full ./my-skill

# Pre-publish audit
python3 scripts/auditor.py before-publish ./my-skill
```

---

## 📋 Features

- ✅ Static analysis: 120+ dangerous keyword detection
- ✅ Self-whitelist: auto-mark self as safe
- ✅ Reputation score: 0-100 with Safe/Caution/Dangerous levels
- ✅ JSON report export
- ✅ Read-only operation, no file modification

---

## 📊 Risk Levels

| Score | Level | Color |
|-------|-------|-------|
| 90-100 | Safe | 🟢 |
| 70-89 | Caution | 🟡 |
| 0-69 | Dangerous | 🔴 |

---

## 📌 Usage Examples

```
python3 scripts/auditor.py quick ./my-skill
python3 scripts/auditor.py full ./my-skill
python3 scripts/auditor.py before-publish ./my-new-skill
```

---

## ⚠️ Security Note

Read-only operation, no file modification, no external writes, API keys only for public data queries.

---

## 📝 Changelog

### v1.1.1 (2026-03)
- Simplified metadata for ClawHub compatibility
- Removed complex dependencies
- Kept core audit functionality

### v1.1.0 (2026-03)
- Self-whitelist: auto-mark self as safe
- Full English translation
- Improved scoring algorithm

### v1.0.0 (2026-03)
- Initial release with 120+ pattern detection

README excerpt

# 🛡️ Claw Secure Auditor

Security audit tool for ClawHub/OpenClaw skills with static analysis and reputation scoring.

---

## Quick Start

### 1. Configure (optional)

```bash
export VIRUSTOTAL_API_KEY="your-api-key-here"
```

### 2. Use

```bash
# Quick audit (static + reputation)
python3 scripts/auditor.py quick ./my-skill

# Full audit
python3 scripts/auditor.py full ./my-skill

# Pre-publish audit
python3 scripts/auditor.py before-publish ./my-new-skill
```

---

## Features

- ✅ Static analysis: 120+ dangerous keyword detection
- ✅ Self-whitelist: auto-mark self as safe
- ✅ Reputation score: 0-100
- ✅ JSON report export
- ✅ Read-only operation

---

## Full Documentation

Complete guide in `SKILL.md`.

---

## Security

Read-only only, no file modification, no external writes.

---

## License

MIT License

---

*Version: v1.1.1*

Related Claw Skills

edholofy

dojo.md

★ 4

University for AI agents. 92 courses, 4400+ scenarios, any model via OpenRouter. Auto-training loops generate per-model SKILL.md documents. Works with Claude Code, OpenClaw, Cursor, Windsurf. No fine-tuning required.

lethehades

wps-macos-helper

★ 1

macOS WPS Office workflow helper skill for safer document preparation, conversion, export, and compatibility guidance

capt-marbles

firecrawl

★ 0

Web scraping and crawling with Firecrawl API. Fetch webpage content as markdown, take screenshots, extract structured data, search the web, and crawl documentation sites. Use when the user needs to scrape a URL, get current web info, capture a screenshot, extract specific data from pages, or crawl docs for a framework/library.

caqlayan

Tweet Processor

★ 0

Tweet Processor Skill

carev01

md-docs-search

★ 0

Full-text search across structured Markdown documentation archives using SQLite FTS5. Use when you need to search large collections of Markdown articles that are separated by "---" delimiters and contain source URLs (marked with "*Source:" pattern). Provides fast BM25-ranked search with automatic source URL extraction for citations. Ideal for research, documentation lookups, and knowledge base exploration. Requires indexing documentation first with `docs.py index`.

camelsprout

duckdb-en

★ 0

DuckDB CLI specialist for SQL analysis, data processing and file conversion. Use for SQL queries, CSV/Parquet/JSON analysis, database queries, or data conversion. Triggers on "duckdb", "sql", "query", "data analysis", "parquet", "convert data".