Low Risk — Risk Score 25/100
Last scan: 1 day ago
skill-shield
OpenClaw extension security management system - scans installed extensions for security risks, maintains allowlists/blocklists
Legitimate security scanner for OpenClaw extensions with minor documentation gaps; hook references non-existent script but no confirmed malicious behavior detected.
Skill Name: skill-shield
Duration: 35.4s
Engine: pi
Safe to install
Verify the tui-startup.py script exists if using the hook functionality; otherwise safe to use for extension security scanning.

Findings (2 items)

Severity | Finding | Category | Location
Low | Hook references non-existent script | Doc Mismatch | hook/shield-scan.js:14
  The shield-scan.js hook references 'scripts/tui-startup.py' which is not included in the package. While this doesn't cause immediate harm, it suggests incomplete implementation or potential for malicious script injection.
  Evidence: const STARTUP_SCRIPT = path.join(SHIELD_DIR, 'scripts', 'tui-startup.py');
  → Either remove the hook reference to tui-startup.py or include the actual script. If keeping the hook, declare shell execution in SKILL.md.
Low | Undeclared shell execution capability | Priv Escalation | hook/shield-scan.js:18
  The hook module uses Node.js execSync to execute Python scripts, but this shell execution capability is not declared in SKILL.md metadata.
  Evidence: const result = execSync(`python3 "${STARTUP_SCRIPT}"`, {...});
  → Declare shell:WRITE in allowedTools if hook functionality is intended for production.
Resource | Declared | Inferred | Status | Evidence
Filesystem | READ | READ | ✓ Aligned | shield.py:107 - os.walk traversal of skills directory
Shell | NONE | WRITE | ✗ Violation | hook/shield-scan.js:18 - execSync references non-existent script
Network | NONE | NONE | - | No network requests found in codebase
Database | READ | READ | ✓ Aligned | shield.py:55 - reads risk database JSON
Environment | NONE | NONE | - | No os.environ iteration found
Credential | NONE | NONE | - | No credential access patterns detected

File Tree

6 files · 31.0 KB · 1007 lines
Python: 2 files, 511 lines · Markdown: 2 files, 447 lines · JavaScript: 1 file, 39 lines · JSON: 1 file, 10 lines
├─ 📁 hook
│ └─ 📜 shield-scan.js JavaScript 39L · 1.1 KB
├─ 📁 scripts
│ ├─ 🐍 generate_report.py Python 87L · 3.0 KB
│ └─ 🐍 shield.py Python 424L · 15.9 KB
├─ 🔑 config.json JSON 10L · 183 B
├─ 📝 README.md Markdown 227L · 5.1 KB
└─ 📝 SKILL.md Markdown 220L · 5.8 KB

Dependencies (1 item)

Package | Version | Source | Known Vulns | Notes
Python standard library only | 3.6+ | stdlib | No | No pip packages - uses only os, re, json, glob, hashlib, pathlib, datetime, argparse, typing

Security Positives

✓ Uses only Python standard library - no external dependencies to compromise
✓ No credential harvesting or sensitive path access
✓ No network exfiltration or C2 communication
✓ No obfuscation or base64-encoded payloads
✓ Legitimate security scanning tool with proper risk categorization
✓ Open-source readable code with no hidden functionality beyond declared scope