AgentSkillsCN

skill-vettr

第三方 OpenClaw 技能的静态分析安全扫描器

SKILL.md
--- frontmatter
name: skill-vettr
version: 2.0.0
author: openclaw-community
description: Static analysis security scanner for third-party OpenClaw skills
tools: [filesystem, shell]
permissions: [filesystem:read, shell:exec]

skill-vettr v2.0.0

Security scanner for third-party OpenClaw skills. Analyses source code, dependencies, and metadata before installation using AST parsing and pattern matching.

Commands

  • /skill:vet --path <directory> — Vet a local skill directory
  • /skill:vet-url --url <https://...> — Download and vet from URL
  • /skill:vet-clawhub --skill <slug> — Fetch and vet from ClawHub

Detection Categories

CategoryMethodExamples
Code executionASTeval(), new Function(), vm.runInThisContext()
Shell injectionASTexec(), execSync(), spawn("bash")
Dynamic importsASTrequire(variable), import() with non-literal
Prototype pollutionASTproto assignment
Prompt injectionRegexInstruction overrides, control tokens
Homoglyph attacksRegexCyrillic lookalike function names
Encoded namesRegexUnicode/hex-escaped "eval"
Credential accessRegex.ssh/, .aws/ path references
Malicious depsConfigevent-stream, user-blocked packages
TyposquattingLevenshteinNames within edit distance 2 of targets
Dangerous permissionsConfigshell:exec, credentials:read

Limitations

This is a static analysis heuristic scanner. It catches common attack patterns but cannot guarantee safety against sophisticated or novel threats. It does not execute or sandbox target code.