Skills/ #security

SkillScan

Security gate for skills. Every new skill MUST pass SkillScan before use. Activate on any install, load, add, evaluate, or safety question about a skill. On...

tokauthai@tokauthai

Install

Run this command against the local KakaHub registry.

Install skillscan from the local KakaHub registry at http://localhost:13001. Review the README, manifest, and permissions before using it in the current workspace.Download

README

--- name: SkillScan metadata: version: "1.1.6" description: > Security gate for skills. Every new skill MUST pass SkillScan before use. Activate on any install, load, add, evaluate, or safety question about a skill. On first load, run first-run to scan all existing skills. Blocks HIGH/CRITICAL skills. No exceptions. ---

SkillScan v1.1.6

Security check for skill packages. Every new skill must pass this scan before use.

Implemented in `scripts/scanner.py`. Supports Windows / macOS / Linux.

Do NOT generate report files inside the skill directory.

---

When to Activate

Run SkillScan whenever a skill is installed, loaded, added, evaluated, or questioned for safety — regardless of method or phrasing.

Trigger examples: install, load, add, use, set up, "is this safe", upload .zip/.skill, paste SKILL.md, mention unknown skill name, install from hub/store.

---

First Load

Check `scripts/.first_run_done`:

  • **Not found** → **Tell user** SkillScan is installed, ask to scan all existing skills:
bash  python <skill_scanner_dir>/scripts/scanner.py first-run

`.first_run_done` is created automatically after completion.

  • **Found** → Skip, operate normally.

---

Commands

| Command | Usage | |---------|-------| | `scanner.py scan <path>` | Scan a single skill (.zip or directory) | | `scanner.py scan-all` | Scan all installed skills | | `scanner.py first-run` | First-time full scan | | `scanner.py upgrade` | Manual upgrade |

---

Scan Rules

  • **.zip files** → Scan BEFORE installation. Block if fails.
  • **Directory installs** (cp, mv, git clone, ln -s, any method) → Scan AFTER files land on disk.
  • **Remote installs** (clawhub, skillhub, npx skills add, etc.) → Scan immediately after install.
  • **Unknown skills** → If user mentions a skill you haven't seen, scan it.

---

Exit Codes

| Code | Verdict | Action | |------|---------|--------| | `0` | UNKNOWN / SAFE | Proceed | | `1` | LOW / MEDIUM | Warn user, ask to confirm | | `2` | HIGH / CRITICAL | Block, show details | | `3` | Scan failed | Explain, offer retry |

---

Auto Update

Checks for updates every day automatically. Silent, no user action needed. Manual: `scanner.py upgrade`.

---

Environment Variables

| Variable | Description | |----------|-------------| | `SKILL_SCANNER_UPDATE_URL` | Custom update source (optional) |

---

API

Base URL: `https://skillscan.tokauth.com`

| Step | Method | Path | |------|--------|------| | ① Cache lookup | GET | `/oapi/v1/skill-scan/search?dir_sha256=<dir_sha256>` | | ② Upload | POST | `/oapi/v1/skill-scan/upload` | | ③ Poll result | GET | `/oapi/v1/skill-scan/result?task_no=<task_no>` (poll every 20s, max 180s) |

Install resolver

{
  "artifact": {
    "downloadUrl": "/api/v1/download?slug=skillscan&version=1.1.6&ownerHandle=tokauthai",
    "format": "zip",
    "generated": true,
    "kind": "skillArchive",
    "sha256": "1bf5c29e197d72c642295f4038d2203e6661207647b554ab206ebe128838641e",
    "size": 3984
  },
  "owner": {
    "displayName": "tokauthai",
    "handle": "tokauthai",
    "id": "4c6b9f24-98d9-4e96-9795-9b9e5844a52f",
    "verified": false
  },
  "skill": {
    "displayName": "SkillScan",
    "latestVersion": "1.1.6",
    "license": "MIT-0",
    "name": "skillscan",
    "ownerHandle": "tokauthai",
    "slug": "skillscan",
    "stats": {
      "downloads": 178932,
      "installs": 5927,
      "stars": 39
    },
    "summary": "Security gate for skills. Every new skill MUST pass SkillScan before use. Activate on any install, load, add, evaluate, or safety question about a skill. On...",
    "tags": [
      "security"
    ],
    "type": "skill",
    "updatedAt": "2026-07-06T10:48:18.434Z"
  },
  "sourceHandoff": null,
  "version": {
    "checksum": null,
    "checksumAlgorithm": null,
    "id": "6d646e14-91ee-44bd-86d5-257a017c035f",
    "publishedAt": "2026-04-20T02:03:07.310Z",
    "size": null,
    "version": "1.1.6",
    "artifactStorageKey": null,
    "changelog": "- Major cleanup: The readme documentation was removed.\n- Simplified \"First Load\" process in SKILL.md by removing the requirement to write Skill Security rules to SOUL.md.\n- Uninstall instructions regarding SOUL.md cleanup were dropped from the SKILL.md.\n- Updated metadata version to 1.1.6.",
    "manifest": {
      "clawhub": {
        "tags": {
          "latest": "1.1.6"
        },
        "owner": "tokauthai",
        "stats": {
          "stars": 39,
          "comments": 0,
          "installs": 5927,
          "versions": 2,
          "downloads": 178932
        },
        "topics": [],
        "categories": [
          "security"
        ]
      },
      "install": "openclaw skills install @tokauthai/skillscan"
    },
    "readme": "---\nname: SkillScan\nmetadata:\n  version: \"1.1.6\"\ndescription: >\n  Security gate for skills. Every new skill MUST pass SkillScan before use.\n  Activate on any install, load, add, evaluate, or safety question about a skill.\n  On first load, run first-run to scan all existing skills.\n  Blocks HIGH/CRITICAL skills. No exceptions.\n---\n\n# SkillScan v1.1.6\n\nSecurity check for skill packages. Every new skill must pass this scan before use.\n\nImplemented in `scripts/scanner.py`. Supports Windows / macOS / Linux.\n\nDo NOT generate report files inside the skill directory.\n\n---\n\n## When to Activate\n\nRun SkillScan whenever a skill is installed, loaded, added, evaluated, or questioned for safety — regardless of method or phrasing.\n\nTrigger examples: install, load, add, use, set up, \"is this safe\", upload .zip/.skill, paste SKILL.md, mention unknown skill name, install from hub/store.\n\n---\n\n## First Load\n\nCheck `scripts/.first_run_done`:\n\n- **Not found** → **Tell user** SkillScan is installed, ask to scan all existing skills:\n  ```bash\n  python <skill_scanner_dir>/scripts/scanner.py first-run\n  ```\n  `.first_run_done` is created automatically after completion.\n\n- **Found** → Skip, operate normally.\n\n---\n\n## Commands\n\n| Command | Usage |\n|---------|-------|\n| `scanner.py scan <path>` | Scan a single skill (.zip or directory) |\n| `scanner.py scan-all` | Scan all installed skills |\n| `scanner.py first-run` | First-time full scan |\n| `scanner.py upgrade` | Manual upgrade |\n\n---\n\n## Scan Rules\n\n- **.zip files** → Scan BEFORE installation. Block if fails.\n- **Directory installs** (cp, mv, git clone, ln -s, any method) → Scan AFTER files land on disk.\n- **Remote installs** (clawhub, skillhub, npx skills add, etc.) → Scan immediately after install.\n- **Unknown skills** → If user mentions a skill you haven't seen, scan it.\n\n---\n\n## Exit Codes\n\n| Code | Verdict | Action |\n|------|---------|--------|\n| `0` | UNKNOWN / SAFE  | Proceed |\n| `1` | LOW / MEDIUM | Warn user, ask to confirm |\n| `2` | HIGH / CRITICAL | Block, show details |\n| `3` | Scan failed | Explain, offer retry |\n\n---\n\n## Auto Update\n\nChecks for updates every day automatically. Silent, no user action needed. Manual: `scanner.py upgrade`.\n\n---\n\n## Environment Variables\n\n| Variable | Description |\n|----------|-------------|\n| `SKILL_SCANNER_UPDATE_URL` | Custom update source (optional) |\n\n---\n\n## API\n\nBase URL: `https://skillscan.tokauth.com`\n\n| Step | Method | Path |\n|------|--------|------|\n| ① Cache lookup | GET | `/oapi/v1/skill-scan/search?dir_sha256=<dir_sha256>` |\n| ② Upload | POST | `/oapi/v1/skill-scan/upload` |\n| ③ Poll result | GET | `/oapi/v1/skill-scan/result?task_no=<task_no>` (poll every 20s, max 180s) |\n"
  }
}

Versions

VersionSizeUpdated1.1.6Not availableApr 20, 2026