Comprehensive OpenClaw security scanning powered by Tencent Zhuque Lab A.I.G (AI-Infra-Guard). Use when the user asks to start a security health check or sec...
Security Analysis
medium confidence
The skill's instructions broadly match a security-audit purpose (running openclaw CLI checks and querying a Tencent AIG service) but there are metadata omissions and reliance on external requests and a 'deep' live probe that warrant caution before installing or running it against production data.
The SKILL.md clearly expects to run the `openclaw` CLI (e.g., `openclaw security audit --deep`, `openclaw skills list`) and to call an AIG cloud endpoint. However the registry metadata at the top of the submission lists no required binaries or env vars, while the SKILL.md metadata and configuration section reference `openclaw` and an `AIG_BASE_URL`. This mismatch (declared requirements omitted from registry) is an inconsistency that should be resolved before trusting the skill.
Instructions tell the agent to run local security commands (including a `--deep` mode that may perform live Gateway probing), enumerate and locally audit installed skills, and perform outbound HTTPS requests to matrix.tencent.com (supply-chain and CVE lookups). The doc asserts only limited, non-sensitive data will be sent, but because this is instruction-only (no code) the agent executing these steps must be trusted to obey that constraint. The live probing and network interactions are reasonable for an audit but are potentially intrusive and could expose network-facing services or produce unexpected traffic.
This is an instruction-only skill with no install spec and no code files, so nothing will be downloaded or written by an installer. That lowers supply-chain/install risk compared to skills that fetch executables.
The skill does not request secret environment variables or credentials in the registry, which is appropriate for a scanner. However SKILL.md references an `AIG_BASE_URL` configuration (and expects outbound HTTPS access to matrix.tencent.com) — the registry should declare any environment config the skill expects. No credentials are requested, which is proportionate, but the responsibility to avoid sending sensitive local data is left to the executing agent.
The skill is not forced-always, is user-invocable, and does not request persistent system modifications in the SKILL.md. Autonomous invocation is allowed (platform default) but not by itself a red flag here.
Guidance
Before installing or running this skill:
1) Confirm you have the `openclaw` CLI and that the registry metadata correctly declares it; the SKILL.md expects it but the registry omitted it.
2) Be aware the skill will perform a 'deep' audit that may probe network gateways and will make HTTPS calls to matrix.tencent.com (or to whatever AIG_BASE_URL you set). If you have sensitive services, run this on a staging environment first.
3) Verify the skill's promise not to upload file contents or credentials; because it's instruction-only, the agent executing the steps must be trusted to follow that.
4) If you require an AIG endpoint, decide whether you trust the external service and whether you want to set a custom AIG_BASE_URL.
5) Prefer running the commands manually or reviewing the full SKILL.md end-to-end if you need higher assurance.
If you want, provide the full SKILL.md (untruncated) or the exact curl/HTTP examples and I can point out any spots that could accidentally leak data.
Latest Release
v1.0.8
edgeone-clawscan 1.0.8
- Added "auth: aigsec" field to support authentication.
- Added "license: MIT" and standardized metadata fields.
- Introduced detailed keyword and trigger entries for improved discoverability.
- Expanded tags list for better classification and filtering.
- No changes to scanning logic or functionality.
Published by @aigsec on ClawHub