Fail-closed security auditing for OpenClaw/ClawHub skills & repos: trufflehog secrets scanning, semgrep SAST, prompt-injection/persistence signals, and supply-chain hygiene checks before enabling or i
Real data. Real impact.
Emerging
Developers
Per week
Open source
Skills give you superpowers. Install in 30 seconds.
A hostile-by-design, fail-closed audit workflow for codebases and OpenClaw/ClawHub skills.
It does not try to answer “does this skill work?”. It tries to answer: “can this skill betray the system?”
This skill’s scripts combine multiple layers:
If any layer fails, the overall audit is FAIL.
From this skill folder (use
bashbash scripts/run_audit_json.sh <path>
Example:
bash scripts/run_audit_json.sh . > /tmp/audit.json jq '.ok, .tools' /tmp/audit.json
Set the strictness level (default:
standardOPENCLAW_AUDIT_LEVEL=standard bash scripts/run_audit_json.sh <path> OPENCLAW_AUDIT_LEVEL=strict bash scripts/run_audit_json.sh <path> OPENCLAW_AUDIT_LEVEL=paranoid bash scripts/run_audit_json.sh <path>
standardstrictparanoidFor strict/quarantine workflows, require a machine-readable intent/permissions manifest at repo root:
openclaw-skill.jsonIf a repo/skill does not provide this manifest, the hostile audit should treat it as FAIL.
See:
docs/OPENCLAW_SKILL_MANIFEST_SCHEMA.mdDocker is optional here. This skill can be used for static auditing without Docker.
If you want to execute any generated/untrusted code, run it in a separate sandbox workflow (recommended).
scripts/run_audit_json.shscripts/hostile_audit.pyscripts/security_audit.shopenclaw-skill.jsonNo automatic installation available. Please visit the source repository for installation instructions.
View Installation Instructions
1,500+ AI skills, agents & workflows. Install in 30 seconds. Part of the Torly.ai family.
© 2026 Torly.ai. All rights reserved.