security-skill-scanner
Security scanner for ClawdHub skills - detects suspicious patterns, manages whitelists, and monitors Moltbook for security threats.
Install
mkdir -p .claude/skills/security-skill-scanner && curl -L -o skill.zip "https://mcp.directory/api/skills/download/9265" && unzip -o skill.zip -d .claude/skills/security-skill-scanner && rm skill.zip
Installs to .claude/skills/security-skill-scanner
About this skill
Security Skill Scanner
Scans ClawdHub skills for suspicious patterns, manages permission manifests, and monitors Moltbook for security threats.
Features
- Pattern Detection: Scans SKILL.md files for credential theft, command injection, network exfil patterns
- Whitelist Management: Maintains list of known legitimate skills
- Moltbook Monitoring: Continuously monitors Moltbook for security discussions and scam alerts
- Permission Manifests: Generates and tracks skill permissions with Isnad chains
- Daily Reports: Automatic scanning with markdown/JSON reports
Usage
Scan All Skills
python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py
Scan Specific Skill
python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py --skill nano-banana-pro
Add to Whitelist
python3 /root/clawd/skills/security-skill-scanner/whitelist-manager.py add skill-name "reason for whitelist"
Check Whitelist
python3 /root/clawd/skills/security-skill-scanner/whitelist-manager.py list
Monitor Moltbook (One-shot)
bash /root/clawd/skills/security-skill-scanner/moltbook-monitor.sh
Files
| File | Purpose |
|---|---|
| skill-scanner.py | Main scanner with regex pattern detection |
| whitelist-manager.py | Manage false-positive whitelist |
| moltbook-monitor.sh | Moltbook security feed monitor |
| permission-manager.py | Generate skill permission manifests |
| data/whitelist.json | Whitelisted skills database |
Patterns Detected
| Category | Patterns |
|---|---|
| Credential Theft | .env access, webhook.site, POST secrets |
| Command Injection | os.system, eval, shell=True, subprocess |
| Network Exfil | HTTP requests with Bearer tokens |
| Suspicious Downloads | wget, curl -O, remote scripts |
Whitelisted Skills
These skills are known legitimate and excluded from warnings:
- nano-banana-pro (Google Gemini)
- notion (Notion API)
- trello (Trello API)
- gog (Google Workspace)
- local-places (Google Places)
- bluebubbles (iMessage)
- weather (Weather API)
- And 5 more...
Cron Jobs (Optional)
Add to crontab for automated scanning:
# Daily skill scan at 4 AM
0 4 * * * python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py >> /var/log/skill-scan.log 2>&1
# Moltbook monitor every 30 min
*/30 * * * * bash /root/clawd/skills/security-skill-scanner/moltbook-monitor.sh >> /var/log/moltbook-monitor.log 2>&1
Pre-Install Hook (Block Suspicious Skills)
Install new skills with automatic security scanning that BLOCKS suspicious installations:
Quick Install with Scan
# Interactive mode (asks before installing)
bash /root/clawd/skills/security-skill-scanner/install-skill.sh nano-banana-pro
# With force override (installs even if suspicious)
bash /root/clawd/skills/security-skill-scanner/install-skill.sh suspicious-skill --force
# Scan-only mode
python3 /root/clawd/skills/security-skill-scanner/install-hook.py skill-name --scan-only
Integration with molthub
Add to your shell profile for automatic scanning on every install:
# Add to ~/.bashrc or ~/.zshrc
molthub() {
  if [ "$1" = "install" ] || [ "$1" = "add" ]; then
    python3 /root/clawd/skills/security-skill-scanner/install-hook.py "$2" --interactive
  else
    /home/linuxbrew/.linuxbrew/bin/molthub "$@"
  fi
}
Now every molthub install <skill> will be scanned first!
What Happens
- Clean skill → Installs normally ✅
- Whitelisted skill → Installs normally ✅
- Suspicious skill → BLOCKED with explanation 🚫
- Suspicious + --force → Warns but installs ⚠️
Example Output
🔒 Pre-Install Security Scan: nano-banana-pro
----------------------------------------------
Status: whitelisted
Action: allowed
✅ Scan passed - safe to install
🚀 Proceeding with installation...
✅ nano-banana-pro installed successfully
vs
🔒 Pre-Install Security Scan: weather-scam
----------------------------------------------
Status: suspicious
Action: blocked
🚨 THREATS DETECTED:
🔴 [credential_theft] Access to .env file
File: SKILL.md
🔴 [network_exfil] HTTP requests with Bearer tokens
File: scripts/steal_creds.py
❌ INSTALLATION BLOCKED
To override: python3 install-hook.py weather-scam --force
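The scan-then-decide flow described under Patterns Detected and What Happens, as an added sketch that is not the project's own code. The regexes, the `pre_install_decision` function, the `allowed_with_warning` action name and the sample inputs are assumptions made for illustration.

```python
import re

# Illustrative regexes for the four categories in the Patterns Detected table.
# These are assumptions for the example, not the project's actual rule set.
PATTERNS = {
    "credential_theft": [
        (re.compile(r"(?<![\w.])\.env\b"), "Access to .env file"),
        (re.compile(r"webhook\.site", re.I), "webhook.site endpoint"),
    ],
    "command_injection": [
        (re.compile(r"\bos\.system\s*\("), "os.system call"),
        (re.compile(r"(?<![\w.])eval\s*\("), "eval call"),
        (re.compile(r"shell\s*=\s*True"), "subprocess with shell=True"),
    ],
    "network_exfil": [
        (re.compile(r"Authorization['\"]?\s*[:=].{0,40}Bearer", re.I),
         "HTTP requests with Bearer tokens"),
    ],
    "suspicious_download": [
        (re.compile(r"\bwget\s+https?://|\bcurl\b[^\n|]*\s-O\b"), "wget / curl -O"),
    ],
}

def scan_files(files):
    """files maps relative path -> text; returns one finding per rule hit."""
    findings = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            for category, rules in PATTERNS.items():
                for rx, desc in rules:
                    if rx.search(line):
                        findings.append({"category": category, "description": desc,
                                         "file": path, "line": lineno})
    return findings

def pre_install_decision(name, files, whitelist, force=False):
    """Whitelisted or clean -> allowed; suspicious -> blocked unless forced."""
    if name in whitelist:  # assumption: whitelisting is by skill name only
        return {"status": "whitelisted", "action": "allowed", "threats": []}
    threats = scan_files(files)
    if not threats:
        return {"status": "clean", "action": "allowed", "threats": []}
    action = "allowed_with_warning" if force else "blocked"
    return {"status": "suspicious", "action": action, "threats": threats}

# Constructed sample inputs (not real skills).
SAMPLE = {"SKILL.md": "Setup: run `cat ~/.env` to confirm your keys.\n",
          "scripts/steal_creds.py":
              'requests.post(url, headers={"Authorization": f"Bearer {token}"})\n'}
CLEAN = {"SKILL.md": "Reads os.environ['CITY'] and prints a forecast.\n"}
```

Because the whitelist check in this sketch keys on the skill name alone, a whitelisted name is allowed without its files being scanned; binding each entry to a content hash would close that gap.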
Reports
- /tmp/security-scanner/scan-report.md - Human-readable scan results
- /tmp/security-scanner/scan-results.json - Structured JSON output
- /tmp/security-scanner/moltbook-scan.log - Moltbook monitoring log
Integration
Import as a module:
from skill_scanner import RegexScanner
scanner = RegexScanner()
results = scanner.scan_all_skills()
print(f"Found {results['threats_found']} threats")