Skill Scan - Security Scanner for OpenClaw Skills
Purpose
Skill Scan is a security tool that analyzes OpenClaw Skills for potentially malicious code and threat intelligence indicators before installation or during audits.
Features
- - 🔍 Static Code Analysis: Detects dangerous patterns (exec, network, filesystem, sensitive data access)
- 🌐 Domain Extraction: Identifies all domains referenced in Skill code
- 🛡️ Threat Intelligence Check: Validates domains against abuse databases (Abuse.ch, AbuseIPDB, VirusTotal)
- 📊 Risk Scoring: Generates risk levels (low/medium/high) with detailed reports
- 💾 JSON Export: Saves scan results for automation and CI/CD integration
Usage
Basic Scan
CODEBLOCK0
Examples
CODEBLOCK1
Output
Risk Levels
| Level | Meaning | Action |
|---|
| 🟢 low | Only routine network requests | Safe to install |
| 🟡 medium |
Contains exec/system calls | Review code manually |
| 🔴
high | Suspicious domains/malicious patterns | ⚠️ Do NOT install |
Report Format
CODEBLOCK2
Detection Categories
1. Exec (System Command Execution)
- -
exec(), execSync(), �INLINECODE2 - INLINECODE3�, �INLINECODE4
- INLINECODE5�, �INLINECODE6
2. Network (Network Requests)
- -
fetch(), �INLINECODE8 - INLINECODE9�, �INLINECODE10
- INLINECODE11�, �INLINECODE12
- INLINECODE13
3. Filesystem (File Operations)
- -
fs.writeFile, fs.readFile, �INLINECODE16 - INLINECODE17
- INLINECODE18
4. Sensitive (Sensitive Data Access)
- -
process.env, �INLINECODE20 - INLINECODE21
- Hardcoded secrets:
secret=, password=, token=, �INLINECODE25
Threat Intelligence Sources
Built-in (Free APIs)
| Source | Type | API |
|---|
| Abuse.ch URLhaus | Malicious domains/IPs | https://urlhaus-api.abuse.ch/ |
| AbuseIPDB |
IP reputation | https://www.abuseipdb.com/api |
|
Local Blacklist | Known malicious domains | Built-in |
Optional (API Key Required)
| Source | Type | API |
|---|
| VirusTotal | Files/URLs/Domains | https://www.virustotal.com/api/ |
| AlienVault OTX |
Threat intelligence | https://otx.alienvault.com/api |
|
Google Safe Browsing | Malicious websites | https://safebrowsing.googleapis.com/ |
Configuration
To enable additional threat intelligence APIs, edit the script and add your API keys:
CODEBLOCK3
Integration
Pre-installation Hook
Add to your CI/CD pipeline:
CODEBLOCK4
Periodic Audit
Create a cron job for weekly audits:
CODEBLOCK5
Security Best Practices
- 1. Always scan before installing - Never install Skills from unknown sources without scanning
- Review medium/high risks - Don't ignore warnings
- Keep threat intel updated - Regularly update local blacklists
- Report false positives - Help improve the tool
- Contribute signatures - Add new malicious patterns you discover
Troubleshooting
Issue: Script fails to run
Solution: Ensure Python 3 is installed and script has execute permission
�CODEBLOCK6
Issue: Threat intelligence API timeout
Solution: Check network connection or API key validity
�CODEBLOCK7
Issue: Too many false positives
Solution: Adjust detection patterns in the script or add domains to whitelist
Limitations
- - Static analysis only - Cannot detect runtime behavior
- API rate limits - Free APIs have request limits
- Evasion techniques - Obfuscated code may bypass detection
- No sandbox - Does not execute code in isolation
Contributing
Contributions welcome! Please:
- 1. Fork the repository
- Add new detection patterns
- Integrate additional threat intelligence sources
- Submit pull requests
License
MIT License - See LICENSE file for details
Support
- - Issues: https://github.com/yourusername/skill-scan/issues
- Documentation: https://github.com/yourusername/skill-scan/wiki
- Threat Intel: Report malicious domains to abuse@yourdomain.com
Remember: This tool is a first line of defense. Always combine with manual code review and other security measures for critical systems.
技能扫描 - OpenClaw技能安全扫描器
目的
技能扫描是一款安全工具,可在安装前或审计期间分析OpenClaw技能中潜在的恶意代码和威胁情报指标。
功能特性
- - 🔍 静态代码分析:检测危险模式(执行、网络、文件系统、敏感数据访问)
- 🌐 域名提取:识别技能代码中引用的所有域名
- 🛡️ 威胁情报检查:针对滥用数据库(Abuse.ch、AbuseIPDB、VirusTotal)验证域名
- 📊 风险评分:生成风险等级(低/中/高)并附带详细报告
- 💾 JSON导出:保存扫描结果,支持自动化和CI/CD集成
使用方法
基础扫描
bash
python3 ~/.openclaw/skills/skill-scan/scripts/skill-scan.py <技能路径>
示例
bash
扫描特定技能
python3 ~/.openclaw/skills/skill-scan/scripts/skill-scan.py ~/.openclaw/extensions/mem9
扫描所有已安装技能
for skill in ~/.openclaw/extensions/*/; do
echo 正在扫描: $skill
python3 ~/.openclaw/skills/skill-scan/scripts/skill-scan.py $skill
done
安装前扫描
tar -xzf new-skill.tgz -C /tmp/skill-check/
python3 ~/.openclaw/skills/skill-scan/scripts/skill-scan.py /tmp/skill-check/
输出结果
风险等级
| 等级 | 含义 | 操作建议 |
|---|
| 🟢 低 | 仅常规网络请求 | 可安全安装 |
| 🟡 中 |
包含exec/system调用 | 需手动审查代码 |
| 🔴
高 | 可疑域名/恶意模式 | ⚠️ 请勿安装 |
报告格式
============================================================
📊 技能安全扫描报告
============================================================
技能路径: /path/to/skill
风险等级: 低
发现总数: 2
已检查域名: 1
📋 按类别分类的发现项:
- 网络: 2
📝 详细信息:
[网络] /path/to/file.ts:30
const resp = await fetch(this.baseUrl + /v1alpha1/mem9s, {
============================================================
检测类别
1. 执行(系统命令执行)
- - exec(), execSync(), spawn()
- childprocess, subprocess.*
- os.system(), shellexec()
2. 网络(网络请求)
- - fetch(), axios.
- http.get, https.get
- requests., urllib.request
- XMLHttpRequest
3. 文件系统(文件操作)
- - fs.writeFile, fs.readFile, fs.unlink
- open(..., w)
- shutil.(copy|move|remove)
4. 敏感(敏感数据访问)
- - process.env, process.argv
- os.environ
- 硬编码密钥:secret=, password=, token=, api_key=
威胁情报来源
内置(免费API)
| 来源 | 类型 | API |
|---|
| Abuse.ch URLhaus | 恶意域名/IP | https://urlhaus-api.abuse.ch/ |
| AbuseIPDB |
IP信誉 | https://www.abuseipdb.com/api |
|
本地黑名单 | 已知恶意域名 | 内置 |
可选(需要API密钥)
| 来源 | 类型 | API |
|---|
| VirusTotal | 文件/URL/域名 | https://www.virustotal.com/api/ |
| AlienVault OTX |
威胁情报 | https://otx.alienvault.com/api |
|
Google Safe Browsing | 恶意网站 | https://safebrowsing.googleapis.com/ |
配置
要启用额外的威胁情报API,请编辑脚本并添加您的API密钥:
python
THREATINTELAPIS = {
virustotal: {
url: https://www.virustotal.com/api/v3/domains/,
key_param: x-apikey,
api_key: 您的API密钥 # 在此处添加您的密钥
}
}
集成
安装前钩子
添加到您的CI/CD流水线:
bash
#!/bin/bash
安装前安全检查
SKILL_PATH=$1
REPORT=$(python3 ~/.openclaw/skills/skill-scan/scripts/skill-scan.py $SKILL_PATH)
if echo $REPORT | grep -q 风险等级: 高; then
echo ❌ 安全检查失败:检测到高风险
exit 1
fi
echo ✅ 安全检查通过
定期审计
创建每周审计的cron任务:
bash
/etc/cron.d/skill-scan
0 2
1 niuqun python3 ~/.openclaw/skills/skill-scan/scripts/skill-scan.py ~/.openclaw/extensions/* >> /var/log/skill-scan.log
安全最佳实践
- 1. 安装前务必扫描 - 切勿安装未经扫描的未知来源技能
- 审查中/高风险 - 不要忽略警告
- 保持威胁情报更新 - 定期更新本地黑名单
- 报告误报 - 帮助改进工具
- 贡献检测特征 - 添加您发现的新恶意模式
故障排除
问题:脚本运行失败
解决方案:确保已安装Python 3且脚本具有执行权限
bash
chmod +x ~/.openclaw/skills/skill-scan/scripts/skill-scan.py
问题:威胁情报API超时
解决方案:检查网络连接或API密钥有效性
bash
curl -I https://urlhaus-api.abuse.ch/
问题:误报过多
解决方案:调整脚本中的检测模式或将域名添加到白名单
局限性
- - 仅静态分析 - 无法检测运行时行为
- API速率限制 - 免费API有请求限制
- 规避技术 - 混淆代码可能绕过检测
- 无沙箱 - 不会在隔离环境中执行代码
贡献指南
欢迎贡献!请:
- 1. Fork仓库
- 添加新的检测模式
- 集成额外的威胁情报来源
- 提交拉取请求
许可证
MIT许可证 - 详情请参阅LICENSE文件
支持
- - 问题反馈:https://github.com/yourusername/skill-scan/issues
- 文档:https://github.com/yourusername/skill-scan/wiki
- 威胁情报:将恶意域名报告至 abuse@yourdomain.com
请记住:此工具是第一道防线。对于关键系统,请始终结合手动代码审查和其他安全措施。
