Security Dashboard
Monitor security scores and issues across all skills in the directory.
How we make skill installs safer
The ClawHavoc incident in the OpenClaw ecosystem showed a real risk: a SKILL.md file can look normal while hiding malicious instructions. That can lead to command execution, data exfiltration, or credential theft.
Direct installs from random GitHub repositories put the full security review burden on each user. Most teams do not have time to manually audit every skill file before installing it.
agentskill.sh uses a two-layer model: centralized scanning on the platform plus local verification in /learn at install time. This gives both broad coverage and a final check before files are written.
Exactly what we do to improve security
- We run server-side static analysis on every skill across 12 threat categories.
- We assign a normalized 0-100 security score with issue severity and category details.
- We show the score and metadata in /learn before installation starts.
- We warn on low scores (<50) and require explicit confirmation for very low scores (<30).
- We continuously rescan skills and ingest new reports to refresh risk signals.
- We self-check /learn updates with content SHA verification to avoid stale security logic.
For safer installs, use /learn and review this dashboard instead of blindly cloning unknown skill files. For incident context, see CrowdStrike's OpenClaw analysis .
Score Distribution
Excellent (90-100)90,616
Good (70-89)11,058
Medium (50-69)4,252
Low (25-49)2,051
Critical (0-24)2,513
Issues by Severity
Critical
1,498High
12,673Medium
104,747Low
233,899Top Issue Categories
External Calls182,119
Sensitive File Access59,448
Command Injection56,453
Data Exfiltration50,805
Credential Harvesting2,078
Obfuscation1,774
Prompt Injection137
Persistence3
Low Security Skills
(score below 70)
sickn33/bash-pro13 high 0
openclaw/clawshot0
openclaw/registry-broker0
danielmiessler/Documents0
sickn33/incident-runbook-templates7 high 0
openclaw/clawfriend0
openclaw/moltbook0
openclaw/notion15 high 0
openclaw/wienerlinien0
openclaw/MarketPulse0
sickn33/linux-privilege-escalation10 high 0
openclaw/fortclaw0
openclaw/trakt0
openclaw/linear-webhook1 high 0
openclaw/moltspaces0
sickn33/convex2 high 0
openclaw/glance1 high 0
sickn33/cal-com-automation0
openclaw/moltscope0
sickn33/file-path-traversal5 critical 31 high 0
openclaw/agentwallet0
sickn33/frontend-mobile-development-component-scaffold0
openclaw/4chad 🐸0
github/project-workflow-analysis-blueprint-generator1 high 0
openclaw/weex-trading0
github/write-coding-standards-from-file38 high 0
openclaw/MarketPulse0
openclaw/credential-manager0
openclaw/AIsaFinancialData0
openclaw/planning-with-files3 critical 2 high 0
openclaw/flomo-via-app0
openclaw/swarm1 high 0
openclaw/plurum0
openclaw/openclaw-sec2 critical 4 high 0
openclaw/molt-beach1 high 0
openclaw/api-gateway0
sickn33/cloud-penetration-testing3 high 0
openclaw/clawstarter0
openclaw/maxxit-lazy-trading0
openclaw/stock-evaluator-v30
sickn33/iterate-pr6 high 0
openclaw/opengraph-io0
sickn33/github-workflow-automation6 critical 15 high 0
openclaw/MarketPulse0
openclaw/audiopod0
openclaw/flomo-send0
openclaw/skillvet7 critical 3 high 0
openclaw/mongodb-atlas-admin0
openclaw/openkrill1 high 0
openclaw/clawpen0
Recently Flagged for Review
trymithril-com/mithrilMar 8, 202638
MeterLong/tripo-3d-generationMar 8, 202633
Gal-criticism/bangumi-apiMar 8, 202635
224-Industries/webflow-webhooksMar 8, 20267
ActiveCampaign/postmark-webhooksMar 8, 20260
ActiveCampaign/postmark-inboundMar 8, 202643
inference-sh/agent-toolsMar 8, 202632
openclaw/tencent-cloud-cosMar 8, 202651
openclaw/tencent-cloud-cosMar 8, 202651
openclaw/tencent-cloud-cosMar 8, 202651
openclaw/tencent-cloud-cosMar 8, 202651
openclaw/tencent-cloud-cosMar 8, 202651
openclaw/tencent-cloud-cosMar 8, 202651
openclaw/nas-movie-downloadMar 8, 202682
openclaw/crustafarianismMar 8, 202670
openclaw/parallelMar 8, 202698
openclaw/capability-evolverMar 8, 202688
wshobson/memory-safety-patternsMar 8, 202655
openclaw/teslaMar 7, 202689
openclaw/polymarketMar 7, 202672