ログイン
Shukiclaw

Skill Guardian

by @Shukiclaw in AI & LLM
0
0
# Install this skill:
npx skills add Shukiclaw/skill-guardian

Or install specific skill: npx add-skill https://github.com/Shukiclaw/skill-guardian

# Description

Security scanner for AI Agent Skills

# SKILL.md

Skill Guardian

Security scanner for AI Agent Skills - detects malicious patterns without executing the skill.

Features

  • Static analysis of SKILL.md files
  • Pattern-based detection (exec, network, file I/O)
  • AST-based behavioral analysis
  • Reports threats without running the skill

Usage

cd /path/to/skill-guardian
python skill_guardian.py scan /path/to/skill
python skill_guardian.py scan-all /path/to/skills --recursive

Scanning ClawdHub

python skill_guardian.py scan-all ~/clawdhub/skills --recursive

Output

  • Status: SAFE / SUSPICIOUS / DANGEROUS
  • Threats with severity levels (LOW/MEDIUM/HIGH/CRITICAL)
  • Detailed findings with file locations

# README.md

Skill Guardian 🛡️

Security scanner for AI Agent Skills - detects malicious patterns without executing the skill.

Why?

With the rise of agent skills in platforms like ClawdHub, there's a risk of installing skills that do more than they claim. This scanner helps identify potentially dangerous patterns before running a skill.

Installation

cd skill-guardian
pip install -r requirements.txt

Usage

Scan a single skill

python skill_guardian.py scan /path/to/skill

Scan all skills in a directory

python skill_guardian.py scan-all /path/to/skills --recursive

Scan ClawdHub skills

python skill_guardian.py scan-all ~/.clawdhub/skills --recursive

JSON output (for CI/CD)

python skill_guardian.py scan-all /path/to/skills --json --output results.json

What It Detects

Category Examples Severity
Command Execution exec(), subprocess, os.system() HIGH
Code Execution eval(), __import__() HIGH
Network Access requests, urllib, socket MEDIUM
File Access open() for writing, Path.glob() MEDIUM
Data Exfiltration smtplib, suspicious keywords CRITICAL
Environment Access os.getenv(), os.environ LOW
Prompt Injection "ignore previous instructions" HIGH

Output Example

============================================================
Skill: suspicious-weather
============================================================
Status: SUSPICIOUS
Max Severity: HIGH
Total Findings: 3
Scan Duration: 0.05s

[HIGH]
  - Uses 'exec()' for dynamic code execution
    File: skill.py:42
  - Dynamic code evaluation via eval()
    File: skill.py:78

[MEDIUM]
  - Makes HTTP requests (potential data exfiltration)
    File: weather.py:15

Security Note

⚠️ This scanner is STATIC ONLY - it never executes the skill code. It analyzes SKILL.md and Python files for patterns that indicate potentially dangerous behavior.

Requirements

  • Python 3.7+
  • No external dependencies (standard library only)

License

MIT - Use at your own risk. Always review skills manually before running.

# Related Skills

# Supported AI Coding Agents

This skill is compatible with the SKILL.md standard and works with all major AI coding agents:

Amp 🚀 Antigravity 🤖 Claude Code 🦀 Clawdbot 📝 Codex ▶️ Cursor 🤖 Droid 💎 Gemini CLI 🐙 GitHub Copilot 🪿 Goose 📊 Kilo Code 🔧 Kiro CLI 💻 OpenCode 🦘 Roo Code 🌲 Trae 🏄 Windsurf

Learn more about the SKILL.md standard and how to use these skills with your preferred AI coding agent.