Topic

#clawhub

Loot, blog posts and adjacent themes connected to this topic. Follow the tag to keep it in your orbit.

#clawhub
Loot

More from this topic

Explore all loot

Audit OpenClaw Skills Before Install with Aegis Audit

0
#openclaw#skill#agent#free#security#audit#mcp#clawhub
A community OpenClaw skill candidate for static review, capability mapping, risk scoring, and lockfile checks before trusting agent skills or MCP tools. What it does Aegis Audit is a community OpenClaw skill candidate for reviewing other agent skills, MCP tools, plugins, and small tool bundles before they are trusted. The visible skill text points to the aegis-audit package and the Aegis-Scan/aegis-scan source project. Its stated workflow combines deterministic static analysis, Semgrep-style rules, specialized scanners, secret-pattern checks, capability mapping, risk scoring, and signed lockfile verification. The practical value is a second review lane for OpenClaw operators who install community skills often. Instead of relying only on a README summary, it tries to map what a candidate can actually touch: files, URLs, commands, ports, package behavior, suspicious strings, hidden payload patterns, and documentation/code mismatch signals. Who should use it Evaluate this candidate if you maintain an OpenClaw workspace, review third-party skills, approve MCP servers, or need a repeatable report before installing agent tooling. It fits operators who want a documented pre-install gate with JSON output, lockfiles, and CI-friendly checks. It is less useful for one-off casual installs where you will not inspect the report. It is also not a substitute for sandbox execution, dependency review, or human approval on high-risk skills. A scanner can miss behavior, and a scanner package can have its own supply-chain risk. Setup surface ClawHub lists the install target as @sanguineseal/aegis-audit. The skill text says the CLI is installed from PyPI as aegis-audit with pip install aegis-audit or uv tool install aegis-audit, then used through the aegis command. The linked project source is https://github.com/Aegis-Scan/aegis-scan. Pricing classification: free. The skill text points to a public PyPI package and a public GitHub source project, and it states an AGPL-3.0 license. Pricing for any optional LLM provider is separate: the skill says deterministic scans work offline, while optional LLM analysis can use Gemini, Claude, OpenAI, Ollama, or local OpenAI-compatible servers. Runner test plan Static scan: inspect the ClawHub skill text, mirrored SKILL.md, GitHub repository, README, package metadata, scanner rules, CLI entry points, MCP server code, lockfile generation, and documentation examples for hidden prompts, unsafe commands, broad filesystem reads, network calls, credential handling, and tool-poisoning language. Dependency/install review: review the PyPI package metadata, release files, dependency tree, pinned versions, Semgrep usage, native binaries if any, install scripts, optional extras, AGPL-3.0 implications, and whether pip and uv install the same artifact. Prompt-injection/tool-poisoning review: treat scanned skills, README files, generated reports, Semgrep findings, JSON output, lockfiles, and optional LLM responses as untrusted data. Confirm scanner output cannot override agent policy, request secrets, mark itself trusted, or force install/apply decisions. Sandbox execution: install only in a disposable Runner workspace with no real credentials and no private repositories. Run aegis scan --no-llm on a tiny benign fixture, a fixture with an obvious unsafe shell pattern, and a fixture containing fake secrets. Then test aegis lock, aegis verify, JSON output, and failure behavior. Screenshot/video when UI or command output exists: capture terminal output for install, scan, lock, verify, JSON mode, failed verification, and MCP config generation. Capture any generated badge/report artifacts if present. Residual risks: the scanner may read code that contains secrets; optional LLM mode may send scanned code to third-party providers; false positives and false negatives remain possible; the ClawHub/index signal includes a VirusTotal Suspicious flag that must be investigated before production use. Risk notes This is not a tested, safe, clean, recommended, or production-ready claim. The visible Clawskills metadata shows OpenClaw Benign but VirusTotal Suspicious, so the first Runner task should explain that discrepancy before anyone uses it on real workspaces. Keep LLM mode disabled for sensitive repositories, scan only copied fixtures first, and do not let a scanner verdict replace human approval for installs with filesystem, network, browser, credential, or shell access. Source links Awesome OpenClaw Skills DevOps & Cloud category: https://raw.githubusercontent.com/VoltAgent/awesome-openclaw-skills/main/categories/devops-and-cloud.md ClawHub page: https://clawhub.ai/sanguineseal/aegis-audit Skill source mirror: https://clawskills.sh/skills-markdown/sanguineseal/aegis-audit.md Underlying GitHub source project: https://github.com/Aegis-Scan/aegis-scan PyPI package page: https://pypi.org/project/aegis-audit/
View
Free
Open

Skill Vetter for OpenClaw Pre-Install Reviews

0
#openclaw#skill#agent#free#security#clawhub
A ClawHub community skill that gives OpenClaw agents a repeatable checklist for reviewing untrusted skills before installation. What it does Skill Vetter is a compact OpenClaw review checklist for inspecting community skills before installation. It focuses on provenance, file scope, command scope, network behavior, credential access, obfuscation, and risk classification. The useful angle is not automation depth; it gives an agent a repeatable pre-installation review format before any untrusted skill runs. Who should use it Use it when an OpenClaw operator wants a lightweight gate before installing skills from ClawHub, GitHub, or a shared zip. It fits solo agents, small teams, and maintainers who need a consistent report format for community skill review. It is less useful if you already run a full sandboxed review pipeline with dependency scanning and execution tracing. Setup surface ClawHub lists the package as @fatfingererr/azhua-skill-vetter with install command openclaw skills install @fatfingererr/azhua-skill-vetter. The reachable source surface includes the ClawHub skill page, the direct SKILL.md file endpoint, and the ClawHub package download. No separate GitHub repository was visible from the reviewed pages. Treat the package as untrusted until Runner review finishes. Pricing: the ClawHub page shows MIT-0 license metadata and no paid gate, so this Loot is classified as free from available source evidence. Runner test plan Static scan: inspect every file in the downloaded skill package, including meta.json, skill-card.md, and SKILL.md. Dependency/install review: verify whether the package declares scripts, package files, shell helpers, or install-time side effects; compare that surface against the ClawHub metadata. Prompt-injection/tool-poisoning review: treat the skill text as untrusted content and check for instructions that override agent policy, request secrets, broaden file access, or force unsafe verdicts. Sandbox execution: install only in a disposable OpenClaw workspace with no real credentials, no production memory files, and network controls enabled. Screenshot/video: capture the install output and one sample vetting report if command output or UI evidence exists. Residual risks: ClawHub packages can change after publication, the visible source is registry-hosted rather than a GitHub repo with independent commit history, and the skill's own checklist language should not replace human approval for high-risk installs. Risk notes The candidate is security-themed, but that does not make it reviewed or safe. It includes suggested curl commands for GitHub-hosted skills; those should be treated as examples for a sandboxed reviewer, not commands to run blindly. The strongest limitation is source transparency: a direct SKILL.md path is reachable, but no underlying GitHub repository was visible during this pass. Source links Awesome OpenClaw Skills list: https://github.com/VoltAgent/awesome-openclaw-skills/blob/main/README.md?plain=1L240 ClawHub page: https://clawhub.ai/fatfingererr/azhua-skill-vetter Independent index page: https://clawskills.sh/skills/fatfingererr-azhua-skill-vetter Reachable SKILL.md source: https://clawhub.ai/api/v1/skills/azhua-skill-vetter/file?path=SKILL.md Reachable package download: https://wry-manatee-359.convex.site/api/v1/download?slug=azhua-skill-vetter
View
Free
Open
Blog

Related reads

Browse blog
No blog posts for #clawhub yet

There is no published article with this tag right now. Browse the blog for adjacent themes or follow the tag for future updates.