      Safety Report

      Skill Scanner

      @bvinci1-design

      Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.

      7,016 Downloads
      55 Installs
      17 Stars
      3 Versions
      Security & Compliance (1,716) · DevOps & Infrastructure (1,045) · Legal & Compliance (738)

      Security Analysis

      medium confidence
      Suspicious · 0.08 risk

      The skill's code and instructions are broadly consistent with a local static scanner, but the package provenance is unknown, some source text was truncated in the review, and there are small implementation/assurance gaps you should verify before trusting it.

      Feb 11, 2026 · 4 files · 2 concerns

      Purpose & Capability: note

      Name/description match the code: this is a local static scanner that searches files for malicious patterns and offers a Streamlit UI. It does not request credentials or binaries unrelated to its purpose. However the skill's origin is unknown (no homepage) and README suggests cloning from a GitHub repo; validate the upstream source before installing.

      Instruction Scope: note

      Runtime instructions and code limit activity to reading the target skill folder (or uploaded files) and producing a report; the scanner performs regex-based pattern matching and the Streamlit UI writes uploaded files to a temporary directory for scanning. It does not appear to execute scanned code or access system credential files directly. Still, the SKILL.md/README emphasize scanning for access to credential paths (they detect strings like '~/.ssh' in code) — ensure you do not point the scanner at real secret stores, and avoid uploading sensitive files to the web UI.

      Install Mechanism: ok

      No install spec provided (instruction-only skill with included Python files). That is low-risk from an install perspective — nothing is downloaded or extracted by an automated installer. The Streamlit UI is optional and requires you to pip-install streamlit yourself.

      Credentials: ok

      The skill requests no environment variables or credentials. The scanner flags patterns that would indicate credential/file access in scanned code, but the scanner itself does not request or require secrets.

      Persistence & Privilege: ok

      always=false and the skill does not request persistent system changes. The code writes uploaded content to a temporary directory only and does not modify other skills or system configuration according to the reviewed files.

      Guidance

      This package appears to implement a local static scanner and a Streamlit UI that scans only the files you provide. Before installing or running it, do the following:

      1) Verify the source/author — the registry metadata shows no homepage and the origin is unknown; prefer code from a trusted repo.
      2) Inspect the full skill_scanner.py and streamlit_ui.py (the provided copy was truncated in places) to confirm there is no hidden behavior (network calls, code execution, auto-update).
      3) Do not point the scanner at real secret stores or upload sensitive files to the web UI — it only looks for strings/patterns in files, but uploading sensitive data to a web UI increases exposure.
      4) Run it in a sandbox or VM first and test on harmless sample skills to validate false-positive/negative behavior.
      5) Note minor implementation issues (the UI references a format_markdown method and truncated code made it impossible to confirm all functions) — fix or review those before relying on automated CI gating.

      If you want higher assurance, ask the publisher for a canonical repo URL, full source, and a reproducible build or have a security-savvy reviewer audit the complete code.

      Latest Release

      v0.1.2

      - Updated SKILL.md to use standardized frontmatter metadata format.
      - Clarified and expanded description for improved readability.
      - Removed redundant metadata from the main text section.

      Published by @bvinci1-design on ClawHub
