skill-trust-auditor

Audit a ClawHub skill for security risks BEFORE installation.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "skill-trust-auditor" with this command: npx skills add jonathanjing/skill-trust-auditor

Skill Trust Auditor

Audit any ClawHub skill for security risks before installation.

🛠️ Installation

1. Ask OpenClaw (Recommended)

Tell OpenClaw: "Install the skill-trust-auditor skill." The agent will handle the installation and configuration automatically.

2. Manual Installation (CLI)

If you prefer the terminal, run:

clawhub install skill-trust-auditor

Setup (first run only)

bash scripts/setup.sh

Audit a Skill

When user says "audit [skill-name]" or "is [skill-name] safe" or before any clawhub install:

bash scripts/audit.sh [skill-name-or-url]
# Example:
bash scripts/audit.sh steipete/clawhub
bash scripts/audit.sh https://clawhub.ai/someuser/someskill

Output:

{
  "skill": "someuser/someskill",
  "trust_score": 72,
  "verdict": "INSTALL WITH CAUTION",
  "risks": [
    {"level": "HIGH", "pattern": "curl to external domain", "location": "scripts/sync.sh:14"},
    {"level": "MEDIUM", "pattern": "reads MEMORY.md", "location": "SKILL.md:23"}
  ],
  "safe_patterns": ["no env var access", "no self-modification"],
  "author_verified": false,
  "recommendation": "Review scripts/sync.sh:14 before installing. The external curl call could exfiltrate data."
}

Post to user with clear summary:

🛡️ Trust Audit: someuser/someskill
Score: 72/100 — ⚠️ INSTALL WITH CAUTION

🔴 HIGH: curl to unknown domain in scripts/sync.sh:14
🟡 MEDIUM: reads your MEMORY.md

Recommendation: Inspect line 14 of sync.sh before proceeding.
Run: clawhub show someuser/someskill --file scripts/sync.sh

Trust Score Guide

ScoreVerdictAction
90-100✅ SAFEInstall freely
70-89⚠️ CAUTIONReview flagged items first
50-69🟠 RISKYOnly if you understand the risks
0-49🔴 DO NOT INSTALLHigh probability of malicious intent

Risk Pattern Reference

HIGH RISK (-30 each):

  • process.env access in scripts
  • curl/wget to non-standard domains
  • Reading ~/.config or ~/.openclaw directly
  • exec() with user-controlled input
  • Instructions to modify SOUL.md/AGENTS.md/openclaw.json

MEDIUM RISK (-10 each):

  • Any outbound API calls (even to known services)
  • File writes outside workspace
  • Reading MEMORY.md or diary files

LOW RISK (-3 each):

  • web_fetch to standard domains
  • Read-only file access in workspace

Auto-Audit Mode

Optionally prepend audit to every install:

# Add to your shell aliases:
alias clawhub-safe='bash ~/.openclaw/workspace/skills/skill-trust-auditor/scripts/audit.sh $1 && clawhub install $1'

ClawHavoc Pattern Reference

See references/clawhavoc-patterns.md for known malicious patterns from the February 2026 incident. Update this file when new incidents are reported.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Production Code Audit

Deep-scan a codebase, understand its architecture and patterns, then produce a comprehensive audit report with prioritized fixes. Optionally apply changes on...

Registry SourceRecently Updated
1520Profile unavailable
Security

Soc Deploy Misp

Deploy MISP threat intelligence platform on any Docker-ready Linux host. Official misp-docker project with automatic MariaDB memory tuning (prevents OOM on s...

Registry SourceRecently Updated
1760Profile unavailable
Security

SEO Intel

Local SEO competitive intelligence tool. Use when the user asks about SEO analysis, competitor research, keyword gaps, content strategy, site audits, AI cita...

Registry SourceRecently Updated
2230Profile unavailable
Security

MAL-Updater

Multi-provider anime → MyAnimeList sync and recommendations skill with guarded auth, review-queue triage, health checks, bootstrap auditing, and user-systemd...

Registry SourceRecently Updated
2190Profile unavailable