Low Risk — Risk Score 15/100
Last scan: 2 days ago
clawscan-vigil
OpenClaw Skill Security Scanner - static and dynamic analysis
ClawScan is a legitimate security scanning tool for OpenClaw Skills with no malicious behavior detected. All capabilities align with documented functionality.
Skill name: clawscan-vigil
Duration: 51.1s
Engine: pi
Safe to install
Approve for installation. This is a genuine security tool that performs static and dynamic analysis of AI skills.

Findings (2 items)

[Low] Client-side license validation
Location: core/license_manager.py:131
License verification is performed locally without server verification. The 'verified' flag remains False even after activation.
Evidence: 'verified': False  # Would be True after server verification
Recommendation: Implement server-side license verification for production use

[Info] RestrictedPython sandbox limitations
Location: core/dynamic_tracer.py:1
Dynamic analysis uses RestrictedPython, which may not catch all runtime behaviors, so some malicious code patterns can evade detection.
Evidence: from RestrictedPython import compile_restricted, safe_globals
Recommendation: Document sandbox limitations in SKILL.md
Capabilities

Resource   | Declared | Inferred | Status    | Evidence
Filesystem | READ     | READ     | ✓ Aligned | Reads Python files in target skill directories for analysis
Shell      | WRITE    | WRITE    | ✓ Aligned | skill/skill_wrapper.py:17 uses subprocess.run() to invoke clawscan CLI
Network    | NONE     | READ     | ✓ Aligned | requests library is a dependency but used only for legitimate external verificat…
Indicators (8 findings)

Severity | Type         | Value                                              | Location
Medium   | External URL | https://clawhub.ai/signup                          | PUBLISH.md:45
Medium   | External URL | https://img.shields.io/badge/python-3.10+-blue.svg | README.md:3
Medium   | External URL | https://www.python.org/downloads/                  | README.md:3
Medium   | External URL | https://img.shields.io/badge/License-MIT-yellow.svg | README.md:4
Medium   | External URL | https://opensource.org/licenses/MIT                | README.md:4
Medium   | External URL | https://clawscan.dev                               | SKILL.md:73
Medium   | External URL | https://docs.clawscan.dev                          | pyproject.toml:42
Info     | Email        | [email protected]                                  | SKILL.md:167

File Tree

16 files · 74.9 KB · 2421 lines
Python: 11 files, 1751 lines · Markdown: 4 files, 616 lines · TOML: 1 file, 54 lines
├─ 📁 core
│ ├─ 🐍 __init__.py Python 5L · 176 B
│ ├─ 🐍 advanced_analyzer.py Python 230L · 8.1 KB
│ ├─ 🐍 batch_scanner.py Python 156L · 5.3 KB
│ ├─ 🐍 dynamic_tracer.py Python 249L · 9.0 KB
│ ├─ 🐍 license_manager.py Python 159L · 5.0 KB
│ ├─ 🐍 models.py Python 59L · 1.6 KB
│ ├─ 🐍 risk_engine.py Python 110L · 3.8 KB
│ ├─ 🐍 scanner.py Python 101L · 3.4 KB
│ └─ 🐍 static_analyzer.py Python 262L · 9.3 KB
├─ 📁 skill
│ ├─ 🐍 skill_wrapper.py Python 74L · 1.9 KB
│ └─ 📝 SKILL.md Markdown 171L · 4.2 KB
├─ 🐍 cli.py Python 346L · 11.0 KB
├─ 📝 PUBLISH.md Markdown 135L · 2.5 KB
├─ 📄 pyproject.toml TOML 54L · 1.3 KB
├─ 📝 README.md Markdown 139L · 4.0 KB
└─ 📝 SKILL.md Markdown 171L · 4.2 KB

Dependencies 4 items

Package          | Version | Source         | Known Vulns | Notes
click            | >=8.0   | pyproject.toml | No          | CLI framework, standard dependency
requests         | >=2.28  | pyproject.toml | No          | HTTP library, expected for network security scanning
RestrictedPython | >=7.0   | pyproject.toml | No          | Security sandbox, core to this tool's safety model
rich             | >=13.0  | pyproject.toml | No          | Terminal output, standard UI dependency

Security Positives

✓ Uses RestrictedPython sandbox for dynamic analysis
✓ AST-based static analysis detects dangerous patterns
✓ No credential harvesting or exfiltration code found
✓ No base64/eval patterns that could hide malicious behavior
✓ Subprocess usage is scoped to legitimate tool execution
✓ All declared capabilities match actual implementation
✓ No access to ~/.ssh, ~/.aws, or other sensitive credential paths
✓ Dependencies (click, rich, requests) are standard and legitimate