Source Code
Security Skill Scanner
Scans ClawdHub skills for suspicious patterns, manages permission manifests, and monitors Moltbook for security threats.
Features
- Pattern Detection: Scans SKILL.md files for credential theft, command injection, network exfil patterns
- Whitelist Management: Maintains list of known legitimate skills
- Moltbook Monitoring: Continuously monitors Moltbook for security discussions and scam alerts
- Permission Manifests: Generates and tracks skill permissions with Isnad chains
- Daily Reports: Automatic scanning with markdown/JSON reports
Usage
Scan All Skills
python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py
Scan Specific Skill
python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py --skill nano-banana-pro
Add to Whitelist
python3 /root/clawd/skills/security-skill-scanner/whitelist-manager.py add skill-name "reason for whitelist"
Check Whitelist
python3 /root/clawd/skills/security-skill-scanner/whitelist-manager.py list
Monitor Moltbook (One-shot)
bash /root/clawd/skills/security-skill-scanner/moltbook-monitor.sh
Files
| File | Purpose |
|---|---|
skill-scanner.py |
Main scanner with regex pattern detection |
whitelist-manager.py |
Manage false-positive whitelist |
moltbook-monitor.sh |
Moltbook security feed monitor |
permission-manager.py |
Generate skill permission manifests |
data/whitelist.json |
Whitelisted skills database |
Patterns Detected
| Category | Patterns |
|---|---|
| Credential Theft | .env access, webhook.site, POST secrets |
| Command Injection | os.system, eval, shell=True, subprocess |
| Network Exfil | HTTP requests with Bearer tokens |
| Suspicious Downloads | wget, curl -O, remote scripts |
Whitelisted Skills
These skills are known legitimate and excluded from warnings:
- nano-banana-pro (Google Gemini)
- notion (Notion API)
- trello (Trello API)
- gog (Google Workspace)
- local-places (Google Places)
- bluebubbles (iMessage)
- weather (Weather API)
- And 5 more...
Cron Jobs (Optional)
Add to crontab for automated scanning:
# Daily skill scan at 4 AM
0 4 * * * python3 /root/clawd/skills/security-skill-scanner/skill-scanner.py >> /var/log/skill-scan.log 2>&1
# Moltbook monitor every 30 min
*/30 * * * * bash /root/clawd/skills/security-skill-scanner/moltbook-monitor.sh >> /var/log/moltbook-monitor.log 2>&1
Pre-Install Hook (Block Suspicious Skills)
Install new skills with automatic security scanning that BLOCKS suspicious installations:
Quick Install with Scan
# Interactive mode (asks before installing)
bash /root/clawd/skills/security-skill-scanner/install-skill.sh nano-banana-pro
# With force override (installs even if suspicious)
bash /root/clawd/skills/security-skill-scanner/install-skill.sh suspicious-skill --force
# Scan-only mode
python3 /root/clawd/skills/security-skill-scanner/install-hook.py skill-name --scan-only
Integration with molthub
Add to your shell profile for automatic scanning on every install:
# Add to ~/.bashrc or ~/.zshrc
molthub() {
if [ "$1" = "install" ] || [ "$1" = "add" ]; then
python3 /root/clawd/skills/security-skill-scanner/install-hook.py "$2" --interactive
else
/home/linuxbrew/.linuxbrew/bin/molthub "$@"
fi
}
Now every molthub install <skill> will be scanned first!
What Happens
- Clean skill โ Installs normally โ
- Whitelisted skill โ Installs normally โ
- Suspicious skill โ BLOCKED with explanation ๐ซ
- Suspicious + --force โ Warns but installs โ ๏ธ
Example Output
๐ Pre-Install Security Scan: nano-banana-pro
----------------------------------------------
Status: whitelisted
Action: allowed
โ
Scan passed - safe to install
๐ Proceeding with installation...
โ
nano-banana-pro installed successfully
vs
๐ Pre-Install Security Scan: weather-scam
----------------------------------------------
Status: suspicious
Action: blocked
๐จ THREATS DETECTED:
๐ด [credential_theft] Access to .env file
File: SKILL.md
๐ด [network_exfil] HTTP requests with Bearer tokens
File: scripts/steal_creds.py
โ INSTALLATION BLOCKED
To override: python3 install-hook.py weather-scam --force
Reports
/tmp/security-scanner/scan-report.md- Human-readable scan results/tmp/security-scanner/scan-results.json- Structured JSON output/tmp/security-scanner/moltbook-scan.log- Moltbook monitoring log
Integration
Import as a module:
from skill_scanner import RegexScanner
scanner = RegexScanner()
results = scanner.scan_all_skills()
print(f"Found {results['threats_found']} threats")