OpenSkillIndex← back to search
claude-code

Skills clauwdit

Security auditor for AI agent skills. Scans SKILL.md files for prompt injection, data exfiltration, obfuscation, and dangerous capability combinations.

install
source · Clone the upstream repo
git clone https://github.com/openclaw/skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/4worlds4w-svg/clauwdit" ~/.claude/skills/clawdbot-skills-clauwdit && rm -rf "$T"
manifest: skills/4worlds4w-svg/clauwdit/SKILL.md
source content

ClawAudit — Security Auditor for Agent Skills

Static security analyzer for OpenClaw SKILL.md files. Detects prompt injection, credential exfiltration, obfuscated payloads, and dangerous capability combinations before you install.

What It Does

Paste or pipe any SKILL.md content and get back a trust score (0-100) with detailed findings.

Detects:

  • Prompt injection and agent manipulation (including Unicode homoglyph evasion)
  • Data exfiltration patterns (HTTP, DNS, encoded channels)
  • Dangerous shell commands (curl|sh, /dev/tcp, process substitution)
  • Credential harvesting (env vars, SSH keys, API tokens)
  • Obfuscated payloads (base64, hex escapes, eval chains)
  • Compound threats (e.g. file read + network out = exfiltration)
  • Permission mismatches (undeclared capabilities)

Zone-aware analysis — understands markdown structure. Code blocks are weighted as executable instructions. Security documentation describing threats is not flagged as a threat itself.

Usage

Audit a skill before installing:

curl -s https://clauwdit.4worlds.dev/audit/author/skill-name

Or POST raw skill content:

curl -s -X POST https://clauwdit.4worlds.dev/audit \
  -H "Content-Type: application/json" \
  -d '{"skill":"author/skill-name"}'

Trust Tiers

ScoreTierMeaning
80-100TrustedNo significant issues found
60-79ModerateMinor concerns, review recommended
40-59SuspiciousSignificant issues, use with caution
0-39DangerousCritical threats detected, do not install

Response Format

{
  "trust": { "score": 85, "tier": "trusted" },
  "findings": [
    {
      "severity": "medium",
      "description": "Network request capability detected",
      "zone": "code",
      "line": 12
    }
  ],
  "capabilities": ["network_out", "file_read"],
  "compoundThreats": [],
  "permissionIntegrity": { "undeclared": [], "unused": [] }
}

About

Built by 4Worlds. Zone-aware static analysis with 60+ detection patterns, Unicode homoglyph normalization, and compound threat detection.