Skill Scanner

# Skill Scanner Scan skills before you install them. Detects data exfiltration, obfuscated code, reverse shells, and dangerous system modifications Skill Scanner is a security audit tool designed to protect your AI assistant environment by analyzing Clawdbot and MCP skills for malicious code before you install them. It detects a wide range of threats including malware, spyware, crypto-miners, data exfiltration attempts, backdoors, and obfuscation techniques — giving you confidence that the skills you run are safe. ## How It Works Skill Scanner inspects skill folders by statically analyzing their source files using pattern-matching and heuristic detection techniques built entirely on Python's standard library. It scans for known threat signatures across multiple categories, then produces a detailed report in either Markdown or JSON format. You can run it directly from the command line, invoke it through your Clawdbot assistant with a natural language prompt, or launch its optional Streamlit-powered Web UI for a visual audit experience. ## Key Features - **Malware & Spyware Detection**: Identifies known malicious code patterns commonly found in compromised or weaponized skills - **Data Exfiltration Analysis**: Flags code that attempts to read and transmit sensitive files, credentials, or environment variables - **Crypto-Mining Indicators**: Catches signatures associated with unauthorized cryptocurrency mining activity - **System Modification Detection**: Alerts on attempts to alter system files, registries, or configurations - **Backdoor Identification**: Surfaces hidden remote access mechanisms or persistent execution hooks - **Obfuscation Detection**: Recognizes encoded, packed, or deliberately obscured code designed to evade review - **Arbitrary Code Execution Flags**: Highlights dangerous eval/exec patterns and dynamic code loading risks - **Flexible Output Formats**: Reports available in Markdown for readability or JSON for programmatic processing - **Web UI Support**: Optional Streamlit interface for a browser-based audit dashboard ## Requirements - **Python 3.7+**: Required to run the scanner - **No mandatory dependencies**: Core functionality uses only the Python standard library - **Streamlit**: Optional; install with pip install streamlit only if you want the Web UI ## Use Cases - **Pre-installation audits**: Scan any third-party skill before adding it to your Clawdbot or MCP environment - **CI/CD security gates**: Integrate into automated pipelines to block malicious skills from being deployed - **Skill marketplace review**: Audit community-contributed skills before publishing or approving them - **Incident investigation**: Analyze a suspect skill after unexpected system behavior is observed - **Developer self-checks**: Verify your own skill code doesn't accidentally include dangerous patterns ## Installation Install via: `npx clawhub@latest install skill-scanner`

Installation