skill-risk-auditor-v1-built-with-saturnday

name: skill-risk-auditor

install
source · Clone the upstream repo
git clone https://github.com/honouralexwill/skill-risk-auditor-v1-built-with-saturnday
OpenClaw · Install into ~/.openclaw/skills/
git clone --depth=1 https://github.com/honouralexwill/skill-risk-auditor-v1-built-with-saturnday ~/.openclaw/skills/honouralexwill-skill-risk-auditor-v1-built-with-saturnday-skill-risk-auditor-v1-
manifest: skill.yaml
source content

name: skill-risk-auditor
version: "1.0.0"
description: >
  Inspects an OpenClaw skill directory for security risks before install or publish.
  Scans for dangerous shell commands, remote code execution vectors, obfuscated scripts,
  hardcoded secrets, suspicious URLs, and social-engineering prompts.
  Produces a structured risk report with severity levels.
entry: dist/index.js

input:
  type: object
  properties:
    path:
      type: string
      description: Absolute or relative path to the skill directory to audit.
  required:
    - path
  additionalProperties: false

output:
  type: object
  properties:
    findings:
      type: array
      items:
        type: object
        properties:
          id:
            type: string
            description: Unique identifier for this finding instance.
          severity:
            type: string
            enum:
              - critical
              - high
              - medium
              - low
              - info
          category:
            type: string
            description: Scanner category that produced this finding.
          file:
            type: string
            description: File path relative to the skill root.
          line:
            type: integer
            description: Line number where the finding was detected.
          message:
            type: string
            description: Human-readable description of the risk.
        required:
          - id
          - severity
          - category
          - file
          - line
          - message
        additionalProperties: false
    summary:
      type: string
      description: Plain English overview of the audit results.
    overallSeverity:
      type: string
      enum:
        - critical
        - high
        - medium
        - low
        - info
      description: Highest severity found across all findings, or info if clean.
  required:
    - findings
    - summary
    - overallSeverity
  additionalProperties: false