skillguard-audit
v1.0.0Audit OpenClaw skills for security risks before installation via SkillGuard API.
Sourced from ClawHub,
Authored by Jonathanliu811026
Installation
Please help me install the skill `skillguard-audit` from SkillHub official store.
npx skills add Jonathanliu811026/skillguard-audit
SkillGuard
Audit any OpenClaw skill for security risks before you install it.
Calls the SkillGuard API (https://api.agentsouls.io/api/audit) and returns a verdict, risk score, and threat list.
Usage
Audit a skill from ClawHub by name
bash skills/skillguard/audit.sh --name <skill-slug>
This uses clawhub inspect --file to pull the skill's SKILL.md (and any scripts), then sends the code to the audit API.
Audit a local file
bash skills/skillguard/audit.sh --code <path-to-file>
Reads the file and sends its contents for audit.
Output
Returns JSON with:
- verdict: SAFE | CAUTION | DANGEROUS
- riskScore: 0–100
- threats: list of identified risks
Example:
{
"verdict": "CAUTION",
"riskScore": 35,
"threats": ["Executes arbitrary shell commands", "Accesses network without disclosure"]
}
When to use
Before installing any new skill, run:
bash skills/skillguard/audit.sh --name <skill-name>
If verdict is DANGEROUS, do not install. If CAUTION, review the threats and decide with the user.