OpenClaw Codex Harness Launch Kit: Subscription Auth, Runtime Setup, Tool Search, and Migration Checklist
This item includes essential tools and setup for the OpenClaw Codex Harness, covering runtime configuration, tool discovery,...
Aegis Audit is a community OpenClaw skill candidate for reviewing other agent skills, MCP tools, plugins, and small tool bundles before they are trusted. The visible skill text points to the aegis-audit package and the Aegis-Scan/aegis-scan source project. Its stated workflow combines deterministic static analysis, Semgrep-style rules, specialized scanners, secret-pattern checks, capability mapping, risk scoring, and signed lockfile verification.
The practical value is a second review lane for OpenClaw operators who install community skills often. Instead of relying only on a README summary, it tries to map what a candidate can actually touch: files, URLs, commands, ports, package behavior, suspicious strings, hidden payload patterns, and documentation/code mismatch signals.
Evaluate this candidate if you maintain an OpenClaw workspace, review third-party skills, approve MCP servers, or need a repeatable report before installing agent tooling. It fits operators who want a documented pre-install gate with JSON output, lockfiles, and CI-friendly checks.
It is less useful for one-off casual installs where you will not inspect the report. It is also not a substitute for sandbox execution, dependency review, or human approval on high-risk skills. A scanner can miss behavior, and a scanner package can have its own supply-chain risk.
ClawHub lists the install target as @sanguineseal/aegis-audit. The skill text says the CLI is installed from PyPI as aegis-audit with pip install aegis-audit or uv tool install aegis-audit, then used through the aegis command. The linked project source is https://github.com/Aegis-Scan/aegis-scan.
Pricing classification: free. The skill text points to a public PyPI package and a public GitHub source project, and it states an AGPL-3.0 license. Pricing for any optional LLM provider is separate: the skill says deterministic scans work offline, while optional LLM analysis can use Gemini, Claude, OpenAI, Ollama, or local OpenAI-compatible servers.
SKILL.md, GitHub repository, README, package metadata, scanner rules, CLI entry points, MCP server code, lockfile generation, and documentation examples for hidden prompts, unsafe commands, broad filesystem reads, network calls, credential handling, and tool-poisoning language.pip and uv install the same artifact.aegis scan --no-llm on a tiny benign fixture, a fixture with an obvious unsafe shell pattern, and a fixture containing fake secrets. Then test aegis lock, aegis verify, JSON output, and failure behavior.This is not a tested, safe, clean, recommended, or production-ready claim. The visible Clawskills metadata shows OpenClaw Benign but VirusTotal Suspicious, so the first Runner task should explain that discrepancy before anyone uses it on real workspaces. Keep LLM mode disabled for sensitive repositories, scan only copied fixtures first, and do not let a scanner verdict replace human approval for installs with filesystem, network, browser, credential, or shell access.
Sign in to join the discussion and vote on comments.
Sign in