✓ Verified
💻 Development
✓ Enhanced Data
Skill Trust Auditor
Audit a ClawHub skill for security risks BEFORE installation.
- Rating
- 3.9 (169 reviews)
- Downloads
- 2,051 downloads
- Version
- 1.0.0
Overview
Audit a ClawHub skill for security risks BEFORE installation.
Complete Documentation
View Source →
Skill Trust Auditor
Audit any ClawHub skill for security risks before installation.
🛠️ Installation
1. Ask OpenClaw (Recommended)
Tell OpenClaw: "Install the skill-trust-auditor skill." The agent will handle the installation and configuration automatically.2. Manual Installation (CLI)
If you prefer the terminal, run:bash
clawhub install skill-trust-auditorSetup (first run only)
bash
bash scripts/setup.shAudit a Skill
When user says "audit [skill-name]" or "is [skill-name] safe" or before any clawhub install:
bash
bash scripts/audit.sh [skill-name-or-url]
# Example:
bash scripts/audit.sh steipete/clawhub
bash scripts/audit.sh https://clawhub.ai/someuser/someskillOutput:
json
{
"skill": "someuser/someskill",
"trust_score": 72,
"verdict": "INSTALL WITH CAUTION",
"risks": [
{"level": "HIGH", "pattern": "curl to external domain", "location": "scripts/sync.sh:14"},
{"level": "MEDIUM", "pattern": "reads MEMORY.md", "location": "SKILL.md:23"}
],
"safe_patterns": ["no env var access", "no self-modification"],
"author_verified": false,
"recommendation": "Review scripts/sync.sh:14 before installing. The external curl call could exfiltrate data."
}Post to user with clear summary:
text
🛡️ Trust Audit: someuser/someskill
Score: 72/100 — ⚠️ INSTALL WITH CAUTION
🔴 HIGH: curl to unknown domain in scripts/sync.sh:14
🟡 MEDIUM: reads your MEMORY.md
Recommendation: Inspect line 14 of sync.sh before proceeding.
Run: clawhub show someuser/someskill --file scripts/sync.shTrust Score Guide
| Score | Verdict | Action |
|---|---|---|
| 90-100 | ✅ SAFE | Install freely |
| 70-89 | ⚠️ CAUTION | Review flagged items first |
| 50-69 | 🟠 RISKY | Only if you understand the risks |
| 0-49 | 🔴 DO NOT INSTALL | High probability of malicious intent |
Risk Pattern Reference
HIGH RISK (-30 each):
process.envaccess in scriptscurl/wgetto non-standard domains- Reading
~/.configor~/.openclawdirectly exec()with user-controlled input- Instructions to modify
SOUL.md/AGENTS.md/openclaw.json
- Any outbound API calls (even to known services)
- File writes outside workspace
- Reading
MEMORY.mdor diary files
web_fetchto standard domains- Read-only file access in workspace
Auto-Audit Mode
Optionally prepend audit to every install:
bash
# Add to your shell aliases:
alias clawhub-safe='bash ~/.openclaw/workspace/skills/skill-trust-auditor/scripts/audit.sh $1 && clawhub install $1'ClawHavoc Pattern Reference
See references/clawhavoc-patterns.md for known malicious patterns from the February 2026 incident. Update this file when new incidents are reported.
Installation
Terminal bash
openclaw install skill-trust-auditor
Copied!
💻Code Examples
bash scripts/setup.sh
bash-scriptssetupsh.txt
## Audit a Skill
When user says "audit [skill-name]" or "is [skill-name] safe" or before any `clawhub install`:Run: clawhub show someuser/someskill --file scripts/sync.sh
run-clawhub-show-someusersomeskill---file-scriptssyncsh.txt
## Trust Score Guide
| Score | Verdict | Action |
|-------|---------|--------|
| 90-100 | ✅ SAFE | Install freely |
| 70-89 | ⚠️ CAUTION | Review flagged items first |
| 50-69 | 🟠 RISKY | Only if you understand the risks |
| 0-49 | 🔴 DO NOT INSTALL | High probability of malicious intent |
## Risk Pattern Reference
**HIGH RISK** (-30 each):
- `process.env` access in scripts
- `curl`/`wget` to non-standard domains
- Reading `~/.config` or `~/.openclaw` directly
- `exec()` with user-controlled input
- Instructions to modify `SOUL.md`/`AGENTS.md`/`openclaw.json`
**MEDIUM RISK** (-10 each):
- Any outbound API calls (even to known services)
- File writes outside workspace
- Reading `MEMORY.md` or diary files
**LOW RISK** (-3 each):
- `web_fetch` to standard domains
- Read-only file access in workspace
## Auto-Audit Mode
Optionally prepend audit to every install:example.sh
bash scripts/audit.sh [skill-name-or-url]
# Example:
bash scripts/audit.sh steipete/clawhub
bash scripts/audit.sh https://clawhub.ai/someuser/someskillexample.json
{
"skill": "someuser/someskill",
"trust_score": 72,
"verdict": "INSTALL WITH CAUTION",
"risks": [
{"level": "HIGH", "pattern": "curl to external domain", "location": "scripts/sync.sh:14"},
{"level": "MEDIUM", "pattern": "reads MEMORY.md", "location": "SKILL.md:23"}
],
"safe_patterns": ["no env var access", "no self-modification"],
"author_verified": false,
"recommendation": "Review scripts/sync.sh:14 before installing. The external curl call could exfiltrate data."
}example.txt
🛡️ Trust Audit: someuser/someskill
Score: 72/100 — ⚠️ INSTALL WITH CAUTION
🔴 HIGH: curl to unknown domain in scripts/sync.sh:14
🟡 MEDIUM: reads your MEMORY.md
Recommendation: Inspect line 14 of sync.sh before proceeding.
Run: clawhub show someuser/someskill --file scripts/sync.shTags
#web_and-frontend-development
#security
Quick Info
Category Development
Model Claude 3.5
Complexity One-Click
Author jonathanjing
Last Updated 3/10/2026
🚀
Optimized for
Claude 3.5
Ready to Install?
Get started with this skill in seconds
openclaw install skill-trust-auditor
Related Skills
✓ Verified
💻 Development
4claw
4claw — a moderated imageboard for AI agents.
🧠 Claude-Ready
)}
★ 4.4 (118)
↓ 4,990
v1.0.0
✓ Verified
💻 Development
Aap Passport
Agent Attestation Protocol - The Reverse Turing Test.
🧠 Claude-Ready
)}
★ 4.3 (89)
↓ 4,621
v1.0.0
✓ Verified
💻 Development
Acestep Lyrics Transcription
Transcribe audio to timestamped lyrics using OpenAI Whisper or ElevenLabs Scribe API.
⚡ GPT-Optimized
)}
★ 3.8 (274)
↓ 17,648
v1.0.0
✓ Verified
💻 Development
Adaptive Suite
A continuously adaptive skill suite that empowers Clawdbot.
🧠 Claude-Ready
)}
★ 4.7 (88)
↓ 1,625
v1.0.0