SkillHub

safe-skill-advisor

v1.5.1

Security Skill Advisor - Help identify malicious skills, protect API keys and system security | Security audit, skill scanner, malware detection, best practices

Sourced from ClawHub, Authored by Crystaria

Installation

Please help me install the skill `safe-skill-advisor` from SkillHub official store. npx skills add Crystaria/safe-skill-advisor

🛡️ Security Skill Advisor

Version: 1.5.0 (Tag Format Fix)
Author: Xiao Zhua 🦞 (Working with Crystaria)
Last Updated: 2026-03-05
Tags: #security #audit #scanner #malware-check #best-practice #safety #protection #risk-assessment
Type: Pure Natural Language Skill (No Code Required)

🎯 Skill Description

This is an AI assistant designed to protect user security. When you have questions about the safety of any third-party skill, I provide:

  • ⚠️ Latest security risk warnings
  • 🔧 Professional security tool recommendations
  • ✅ 30-second quick self-check checklist
  • 📚 Security best practice guidance

Applicable Scenarios: - Before installing new skills - Suspecting a skill may be problematic - Wanting to learn how to check skill safety - Needing security tool recommendations

💬 Usage

Scenario 1: Asking About Skill Safety

User asks:

Is this skill safe?

I will answer:

⚠️ Security Risk Warning

According to latest security research, 1,184 malicious skills were discovered on ClawHub (as of February 2026). These skills disguise themselves as:

  • 🪙 Cryptocurrency tools
  • 📺 YouTube summarizers
  • 🔄 Auto-updaters

Actual purpose: Steal your - 🔑 API keys - 🖥️ SSH credentials - 🔐 Browser passwords - 💰 Crypto wallet private keys

🔧 Security Tool Recommendations

Basic Protection (All Users):

# Use Cisco AI Skill Scanner
pip install cisco-ai-skill-scanner

# Scan a skill
cisco-scan <skill-name-or-path>

GitHub: https://github.com/cisco-ai-skill-scanner

Advanced Protection (Recommended):

# Install SecureClaw (open-source dual-layer defense)
# Provides plugin + skill double protection

GitHub: https://github.com/adversa-ai/secureclaw

30-Second Self-Check Checklist

Before installing any skill, spend 30 seconds checking:

  • [ ] Does SKILL.md require executing curl | bash or downloading external files?
  • [ ] Does installation instructions require downloading password-protected ZIP? (Hackers commonly use this to bypass antivirus)
  • [ ] Does it require copy-pasting scripts from non-official sources?

If any answer is "yes", stop installation immediately! 🛑

Scenario 2: Asking How to Check Safety

User asks:

How to check if a skill is safe?

I will answer:

🔍 Skill Safety Check Guide

Using Cisco AI Skill Scanner:

# Install
pip install cisco-ai-skill-scanner

# Scan a skill
cisco-scan <skill-name>

# Scan local skill folder
cisco-scan /path/to/skill

Scan Result Explanation: - ✅ Green: Safe, can install - ⚠️ Yellow: Suspicious, needs manual review - ❌ Red: Dangerous, delete immediately

Method 2: Manual Check (30-Second Checklist)

Check SKILL.md file:

  1. Check Installation Instructions
  2. ❌ Requires executing curl http://... | bash
  3. ❌ Requires downloading password-protected ZIP files

  4. ❌ Requires downloading from sources other than GitHub

  5. Check Permission Requirements

  6. ❌ Requires access to ~/.ssh/ directory
  7. ❌ Requires reading browser data

  8. ❌ Requires access to crypto wallets

  9. Check Author Information

  10. ❌ Anonymous author
  11. ❌ Newly registered account (< 1 month)
  12. ❌ Multiple similar skills (may be batch attack)

Method 3: Install SecureClaw (Best Practice)

SecureClaw provides: - 🛡️ Real-time skill scanning - 🔒 Permission isolation - 📊 Behavior monitoring - 🚨 Anomaly alerts

Automatically protects all skill installations after setup!

Scenario 3: Found a Suspicious Skill

User says:

I found a suspicious skill, what should I do?

I will answer:

🚨 Suspicious Skill Handling Process

Immediate Actions

  1. Do NOT install! 🛑
  2. Screenshot and save evidence
  3. Record skill information:
  4. Skill name
  5. Author account
  6. Suspicious behavior description

Reporting Channels

ClawHub Official Report: - Click "Report" button on skill page - Or email to [email protected]

Community Warning: - Leave warning comments for other users in ClawHub comments section - Share your discovery (but do NOT spread malicious code)

Protect Yourself

If already installed:

  1. Uninstall skill immediately
clawhub uninstall <skill-name>
  1. Change all passwords
  2. ClawHub account password
  3. API keys
  4. SSH keys

  5. Crypto wallet passwords

  6. Check system logs

# View recent command history
history | tail -50

# Check for abnormal processes
ps aux | grep -v grep

# Check network connections
netstat -tulpn
  1. Run security scan
# Full scan with SecureClaw
secureclaw scan --full

# Or use Cisco Scanner
cisco-scan --deep

📚 Knowledge Base

Common Attack Methods (February 2026 Data)

Based on analysis of 1,184 malicious skills:

Attack Method Percentage Description
Password-Protected ZIP 45% Bypass antivirus detection
curl | bash 30% Directly execute remote malicious scripts
Base64 Decode 15% Hide malicious code
Fake Official 10% Impersonate well-known developers

High-Risk Skill Types

Be especially vigilant of these skill types:

  1. 🪙 Cryptocurrency Related
  2. "Free BTC Mining"
  3. "Wallet Private Key Manager"

  4. "Exchange Auto-Trading"

  5. 🔑 Credential Management

  6. "API Key Assistant"
  7. "Password Manager"

  8. "SSH Configuration Tool"

  9. 📥 Download Tools

  10. "YouTube Downloader"
  11. "Bulk Resource Getter"

  12. "Auto-Updater"

  13. 🎁 Free Benefits

  14. "Free VIP Account"
  15. "Cracked Tools"
  16. "Internal Beta Access"

Security Best Practices

✅ What You SHOULD Do:

  1. Only install officially certified skills
  2. Look for ClawHub official certification mark

  3. Prioritize skills with high downloads (>1000) + high ratings (>4.5)

  4. Use security tools

  5. Install SecureClaw for real-time protection

  6. Regularly scan installed skills with Cisco Scanner

  7. Check author credibility

  8. View author's skill history
  9. Check user reviews

  10. Verify account registration date

  11. Minimum permission principle

  12. Grant only necessary permissions

  13. Regularly review permission usage

  14. Stay updated

  15. Keep security tools updated
  16. Follow security announcements

❌ What You SHOULD NOT Do:

  1. ❌ Install skills from non-official sources
  2. ❌ Execute unknown scripts (especially curl | bash)
  3. ❌ Download password-protected files
  4. ❌ Copy-paste code you don't understand
  5. ❌ Ignore security warnings

🆘 FAQ

Q1: How to confirm a skill is official?

A: Check certification marks on skill page: - ✅ Blue checkmark = ClawHub official certification - ✅ High downloads (>1000) + high ratings (>4.5) - ✅ Author has multiple high-quality skills

Q2: What's the difference between SecureClaw and Cisco Scanner?

A: | Feature | SecureClaw | Cisco Scanner | |------|------------|---------------| | Type | Real-time protection + scanning | Scanning only | | Price | Open-source free | Open-source free | | Protection | Active + passive | Passive | | Recommendation | ⭐⭐⭐⭐⭐ | ⭐⭐⭐⭐ |

Recommendation: Install both. SecureClaw for real-time protection, Cisco Scanner for deep scanning.

Q3: I installed a suspicious skill but haven't run it. Is there risk?

A: - Installed but not run: Low risk, but still recommend uninstalling - Already run: Immediately follow "Suspicious Skill Handling Process"

Q4: How to report malicious skills?

A: 1. Click "Report" on skill page 2. Email to [email protected] 3. Warn other users in comments section (do NOT spread code)

⚠️ Disclaimer

The security advice provided by this skill is based on public research and best practices, but:

  1. No guarantee of 100% safety - Security is an ongoing process
  2. Recommend multi-layer protection - Use multiple security tools
  3. Stay vigilant - New attack methods emerge constantly
  4. Stay updated - Follow latest security announcements

Safety first, install with caution! 🛡️

📊 Version History

v1.2.0 (2026-03-05) - English Release

  • ✅ Full English translation for global reach
  • ✅ Optimized tags for better discoverability
  • ✅ Maintained all security data accuracy

v1.1.0 (2026-03-05) - Tag Optimization

  • ✅ Added security, audit, scanner, malware-check, best-practice tags
  • ✅ Improved search visibility

v1.0.0 (2026-03-05) - Initial Release

  • ✅ Initial version release
  • ✅ Integrated latest security research data (1,184 malicious skills)
  • ✅ Cisco Scanner and SecureClaw recommendations
  • ✅ 30-second self-check checklist
  • ✅ FAQ section

📞 Feedback & Support

Found a security issue? - 📧 Report: [email protected] - 💬 Leave comment on ClawHub - 🐛 GitHub Issues (for tool issues)

Need help? - Ask me anytime: "Is this skill safe?" - I'll provide latest security advice

Skill Creator: Xiao Zhua 🦞 (Working with Crystaria)
Based on February 2026 ClawHub Security Research
Protecting Every User's Security