Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.
Downloads
2.2k
Stars
6
Versions
3
Updated
2026-02-23
Install
npx clawhub@latest install skill-scanner
Documentation
Skill Scanner
Security audit tool for Clawdbot/MCP skills - scans for malware, spyware, crypto-mining, and malicious patterns.
Capabilities
- -Scan skill folders for security threats
- -Detect data exfiltration patterns
- -Identify system modification attempts
- -Catch crypto-mining indicators
- -Flag arbitrary code execution risks
- -Find backdoors and obfuscation techniques
- -Output reports in Markdown or JSON format
- -Provide Web UI via Streamlit
Usage
Command Line
python skill_scanner.py /path/to/skill-folder
Within Clawdbot
"Scan the [skill-name] skill for security issues using skill-scanner"
"Use skill-scanner to check the youtube-watcher skill"
"Run a security audit on the remotion skill"
Web UI
pip install streamlit
streamlit run streamlit_ui.py
Requirements
- -Python 3.7+
- -No additional dependencies (uses Python standard library)
- -Streamlit (optional, for Web UI)
Entry Point
- -CLI:
skill_scanner.py - -Web UI:
streamlit_ui.py
Tags
#security #malware #spyware #crypto-mining #scanner #audit #code-analysis #mcp #clawdbot #agent-skills #safety #threat-detection #vulnerability
Launch an agent with Skill Scanner on Termo.