SkillHub

skill-sec

v1.0.1

Security agent that inventories installed OpenClaw skills, analyzes them for threats, and syncs results to your Clawned dashboard.

Sourced from ClawHub, Authored by uttamnest

Installation

Please help me install the skill `skill-sec` from SkillHub official store. npx skills add uttamnest/skill-sec

Clawned — Security Agent for OpenClaw

Automatically discovers all installed skills, analyzes them for security threats, and syncs results to your Clawned dashboard.

Setup

Configure your API key in openclaw.json:

{
  "skills": {
    "entries": {
      "clawned": {
        "enabled": true,
        "env": {
          "CLAWNED_API_KEY": "cg_your_api_key_here",
          "CLAWNED_SERVER": "https://api.clawned.io"
        }
      }
    }
  }
}

Commands

Sync all installed skills to dashboard

python3 {baseDir}/scripts/agent.py sync

Scan a single skill locally

python3 {baseDir}/scripts/agent.py scan --path <skill-directory>

List all discovered skills

python3 {baseDir}/scripts/agent.py inventory

Check agent status

python3 {baseDir}/scripts/agent.py status

Data & Privacy

During sync (default operation): - Sends only skill metadata: name, owner, slug, version - No file contents are uploaded - No .env files or secrets are ever read

During scan --path (explicit user action only): - Reads source files (.md, .py, .js, etc.) from the specified skill directory for analysis - .env files are excluded from scanning - File contents are sent to the Clawned server for security analysis

Local config access: - Reads ~/.openclaw/openclaw.json only to locate skill directories (extraDirs paths) - No credentials or secrets are read from config files

Automatic Sync

Schedule every 6 hours via OpenClaw cron:

{
  "jobs": [
    {
      "schedule": "0 */6 * * *",
      "command": "Run clawned sync to check all installed skills",
      "description": "Security scan every 6 hours"
    }
  ]
}