OpenClaw Skills Security: How to Audit ClawHub Packages Safely
Background: Researchers have flagged malicious or leaky marketplace skills. Read skills security overview and author guidance.
Threat model
Skills are code. A malicious skill can exfiltrate .env files, call external webhooks, or run shell commands with OpenClaw's privileges. Treat ClawHub like npm with higher blast radius.
Pre-install checklist
- Review publisher reputation and update frequency on ClawHub.
- Read source in GitHub mirror before enabling.
- Search for
fetch(,exec(, hard-coded domains, base64 blobs. - Install in staging agent with fake credentials first.
- Prefer skills with pinned versions and signed releases when available.
Ongoing review
- Weekly: diff updated skills; remove unused ones.
- Monthly: run security audit tool.
- On incident: rotate keys (credentials) and inspect logs.
Building skills? Follow developer guide securely.