Skill Security Audit

Scan OpenClaw skills for security vulnerabilities before installation or publication.

Quick Start

# Audit a single skill
skill-security-audit audit /path/to/skill-folder

# Audit all installed skills
skill-security-audit audit-all

# Generate security report
skill-security-audit report /path/to/skill-folder --format json

What This Detects

Critical Issues (Block Installation)

Issue	Description	Risk Level
Hardcoded Secrets	API keys, tokens, passwords in code	Critical
Shell Injection	Unsanitized input to shell commands	Critical
Code Execution	eval(), exec(), dynamic code execution	Critical
Unauthorized Network	Calls to unknown/suspicious domains	Critical

High Issues (Review Required)

Issue	Description	Risk Level
Prompt Injection	User input in system prompts without sanitization	High
File Path Traversal	Unchecked file paths from user input	High
Excessive Permissions	Requests unnecessary system access	High

Medium Issues (Warnings)

Issue	Description	Risk Level
Outdated Dependencies	Packages with known CVEs	Medium
Unpinned Versions	Floating dependency versions	Medium
Missing License	No license file for distribution	Medium

Security Patterns

Good Pattern: Environment Variables

# CORRECT: Load secrets from environment
import os
api_key = os.environ.get("OPENAI_API_KEY")

Bad Pattern: Hardcoded Secrets

# DANGEROUS: Secret in code
api_key = "sk-abc123def456..."  # NEVER DO THIS

Good Pattern: Sanitized Input

# CORRECT: Validate and sanitize
import re
def safe_filename(name):
    return re.sub(r'[^a-zA-Z0-9_-]', '', name)

Bad Pattern: Shell Injection

# DANGEROUS: User input to shell
os.system(f"convert {user_file} output.png")  # NEVER DO THIS

Running Audits

Important: Self-Scan Results

When running skill-security-audit audit skill-security-audit/, you will see findings for the pattern definitions themselves. This is expected — the scanner detects the example patterns in its own documentation. These are not real vulnerabilities.

For actual skill audits, this produces accurate results.

Single Skill Audit

skill-security-audit audit ./my-skill/

Output:

• Pass/Fail status
• List of vulnerabilities found
• Severity ratings
• Remediation suggestions

Batch Audit (All Installed Skills)

skill-security-audit audit-all

Scans ~/.openclaw/skills/ and reports on all installed skills.

Report Formats

# JSON for CI/CD integration
skill-security-audit audit ./skill/ --format json

# Markdown for documentation
skill-security-audit audit ./skill/ --format markdown

# Summary for quick review
skill-security-audit audit ./skill/ --format summary

CI/CD Integration

Add to your skill publishing pipeline:

# .github/workflows/publish.yml
- name: Security Audit
  run: skill-security-audit audit ./skill/

Exit codes:

• 0: No issues found
• 1: Medium+ issues found (warnings)
• 2: Critical issues found (block)

Publishing Secure Skills

Before publishing to ClawHub:

1. Run skill-security-audit audit ./your-skill/
2. Fix all critical and high issues
3. Document any required secrets in README
4. Include .env.example with placeholder values
5. Re-run audit to confirm clean

See Also

• references/vulnerabilities.md — Complete vulnerability database
• references/remediation.md — How to fix common issues
• scripts/audit.py — Main audit script