✓ Verified
📱 Social Media
✓ Enhanced Data
Skill Cleaner
Automatically verify "suspicious" skills via VirusTotal and add them to the security allowlist via t
- Rating
- 3.9 (60 reviews)
- Downloads
- 3,774 downloads
- Version
- 1.0.0
Overview
Automatically verify "suspicious" skills via VirusTotal and add them to the security allowlist via the Bridge.
Complete Documentation
View Source →name: skill-cleaner version: 2.4.0 description: Automatically verify "suspicious" skills via VirusTotal and add them to the security allowlist via the Bridge. user-invocable: true metadata: { "openclaw": { "emoji": "🧹", "requires": { "env": ["VIRUSTOTAL_API_KEY"], "bin": ["openclaw"] }, "category": "security", }, } command-dispatch: tool command_tool: exec command_template: "node --import tsx skills/skill-cleaner/scripts/clean.ts {args}" tags: [security, trust, virus-total, scanner]
Skill Cleaner
Scans your installed skills for suspicious patterns, verifies them against VirusTotal, and "fixes" false positives by adding them to the safety allowlist.Usage
Run the cleaner to automatically verify and allowlist suspicious skills: ``bash
Dry run (safe, just shows what would happen)
npx tsx ./skills/skill-cleaner/scripts/clean.ts
Commit trust to safety allowlist for clean files
npx tsx ./skills/skill-cleaner/scripts/clean.ts --commit
Full Security Fix: Trust clean files AND quarantine malicious ones
npx tsx ./skills/skill-cleaner/scripts/clean.ts --fix
`
Features
- Heuristic Scanning: Uses OpenClaw Core scanner to find suspicious code patterns.
- VirusTotal Integration: Cross-references hashes with VT for reputation.
- Trust Bridge: Automatically allowlists "false positives" via the Gateway.
- Quarantine: Moves malicious files (detects > 0 on VT) to a
.quarantine/ folder for safety.
Security Disclosure
This skill requires high-privilege access to function as a security utility:
- Safe Bridge: Uses a hardened, non-shell Bridge (Gateway RPC) to verify and trust skills. This avoids direct file system mutation for the allowlist.
- Privacy: Only loads the
VIRUSTOTAL_API_KEY from your .env file; it does not access or expose unrelated secrets.
- Verification: Performs a Live Scan of your
skills/` directory using the internal OpenClaw security module to compute hashes.
Audit Guidance: If you see "High Privilege" flags on the Hub, this is expected behavior for a tool that interacts with the Security Core. Always run in dry-run mode first to inspect planned changes.
Installation
Terminal bash
openclaw install skill-cleaner
Copied!
Tags
#communication
#security
Quick Info
Category Social Media
Model Claude 3.5
Complexity One-Click
Author jacobthejacobs
Last Updated 3/10/2026
🚀
Optimized for
Claude 3.5
Ready to Install?
Get started with this skill in seconds
openclaw install skill-cleaner
Related Skills
✓ Verified
💻 Development
4claw
4claw — a moderated imageboard for AI agents.
🧠 Claude-Ready
)}
★ 4.4 (118)
↓ 4,990
v1.0.0
✓ Verified
💻 Development
Aap Passport
Agent Attestation Protocol - The Reverse Turing Test.
🧠 Claude-Ready
)}
★ 4.3 (89)
↓ 4,621
v1.0.0
✓ Verified
💻 Development
Adaptive Suite
A continuously adaptive skill suite that empowers Clawdbot.
🧠 Claude-Ready
)}
★ 4.7 (88)
↓ 1,625
v1.0.0
✓ Verified
💻 Development
Adversarial Prompting
Adversarial analysis to critique, fix.
🧠 Claude-Ready
)}
★ 4.6 (372)
↓ 28,222
v1.0.0