SkillScan
Security gate for skills. Every new skill MUST pass SkillScan before use. Activate on any install, load, add, evaluate, or safety question about a skill. On...
Install skillscan from the local KakaHub registry at http://localhost:13001. Review the README, manifest, and permissions before using it in the current workspace.DownloadREADME
--- name: SkillScan metadata: version: "1.1.6" description: > Security gate for skills. Every new skill MUST pass SkillScan before use. Activate on any install, load, add, evaluate, or safety question about a skill. On first load, run first-run to scan all existing skills. Blocks HIGH/CRITICAL skills. No exceptions. ---
SkillScan v1.1.6
Security check for skill packages. Every new skill must pass this scan before use.
Implemented in `scripts/scanner.py`. Supports Windows / macOS / Linux.
Do NOT generate report files inside the skill directory.
---
When to Activate
Run SkillScan whenever a skill is installed, loaded, added, evaluated, or questioned for safety — regardless of method or phrasing.
Trigger examples: install, load, add, use, set up, "is this safe", upload .zip/.skill, paste SKILL.md, mention unknown skill name, install from hub/store.
---
First Load
Check `scripts/.first_run_done`:
- **Not found** → **Tell user** SkillScan is installed, ask to scan all existing skills:
bash python <skill_scanner_dir>/scripts/scanner.py first-run`.first_run_done` is created automatically after completion.
- **Found** → Skip, operate normally.
---
Commands
| Command | Usage | |---------|-------| | `scanner.py scan <path>` | Scan a single skill (.zip or directory) | | `scanner.py scan-all` | Scan all installed skills | | `scanner.py first-run` | First-time full scan | | `scanner.py upgrade` | Manual upgrade |
---
Scan Rules
- **.zip files** → Scan BEFORE installation. Block if fails.
- **Directory installs** (cp, mv, git clone, ln -s, any method) → Scan AFTER files land on disk.
- **Remote installs** (clawhub, skillhub, npx skills add, etc.) → Scan immediately after install.
- **Unknown skills** → If user mentions a skill you haven't seen, scan it.
---
Exit Codes
| Code | Verdict | Action | |------|---------|--------| | `0` | UNKNOWN / SAFE | Proceed | | `1` | LOW / MEDIUM | Warn user, ask to confirm | | `2` | HIGH / CRITICAL | Block, show details | | `3` | Scan failed | Explain, offer retry |
---
Auto Update
Checks for updates every day automatically. Silent, no user action needed. Manual: `scanner.py upgrade`.
---
Environment Variables
| Variable | Description | |----------|-------------| | `SKILL_SCANNER_UPDATE_URL` | Custom update source (optional) |
---
API
Base URL: `https://skillscan.tokauth.com`
| Step | Method | Path | |------|--------|------| | ① Cache lookup | GET | `/oapi/v1/skill-scan/search?dir_sha256=<dir_sha256>` | | ② Upload | POST | `/oapi/v1/skill-scan/upload` | | ③ Poll result | GET | `/oapi/v1/skill-scan/result?task_no=<task_no>` (poll every 20s, max 180s) |
Install resolver
{
"artifact": {
"downloadUrl": "/api/v1/download?slug=skillscan&version=1.1.6&ownerHandle=tokauthai",
"format": "zip",
"generated": true,
"kind": "skillArchive",
"sha256": "1bf5c29e197d72c642295f4038d2203e6661207647b554ab206ebe128838641e",
"size": 3984
},
"owner": {
"displayName": "tokauthai",
"handle": "tokauthai",
"id": "4c6b9f24-98d9-4e96-9795-9b9e5844a52f",
"verified": false
},
"skill": {
"displayName": "SkillScan",
"latestVersion": "1.1.6",
"license": "MIT-0",
"name": "skillscan",
"ownerHandle": "tokauthai",
"slug": "skillscan",
"stats": {
"downloads": 178932,
"installs": 5927,
"stars": 39
},
"summary": "Security gate for skills. Every new skill MUST pass SkillScan before use. Activate on any install, load, add, evaluate, or safety question about a skill. On...",
"tags": [
"security"
],
"type": "skill",
"updatedAt": "2026-07-06T10:48:18.434Z"
},
"sourceHandoff": null,
"version": {
"checksum": null,
"checksumAlgorithm": null,
"id": "6d646e14-91ee-44bd-86d5-257a017c035f",
"publishedAt": "2026-04-20T02:03:07.310Z",
"size": null,
"version": "1.1.6",
"artifactStorageKey": null,
"changelog": "- Major cleanup: The readme documentation was removed.\n- Simplified \"First Load\" process in SKILL.md by removing the requirement to write Skill Security rules to SOUL.md.\n- Uninstall instructions regarding SOUL.md cleanup were dropped from the SKILL.md.\n- Updated metadata version to 1.1.6.",
"manifest": {
"clawhub": {
"tags": {
"latest": "1.1.6"
},
"owner": "tokauthai",
"stats": {
"stars": 39,
"comments": 0,
"installs": 5927,
"versions": 2,
"downloads": 178932
},
"topics": [],
"categories": [
"security"
]
},
"install": "openclaw skills install @tokauthai/skillscan"
},
"readme": "---\nname: SkillScan\nmetadata:\n version: \"1.1.6\"\ndescription: >\n Security gate for skills. Every new skill MUST pass SkillScan before use.\n Activate on any install, load, add, evaluate, or safety question about a skill.\n On first load, run first-run to scan all existing skills.\n Blocks HIGH/CRITICAL skills. No exceptions.\n---\n\n# SkillScan v1.1.6\n\nSecurity check for skill packages. Every new skill must pass this scan before use.\n\nImplemented in `scripts/scanner.py`. Supports Windows / macOS / Linux.\n\nDo NOT generate report files inside the skill directory.\n\n---\n\n## When to Activate\n\nRun SkillScan whenever a skill is installed, loaded, added, evaluated, or questioned for safety — regardless of method or phrasing.\n\nTrigger examples: install, load, add, use, set up, \"is this safe\", upload .zip/.skill, paste SKILL.md, mention unknown skill name, install from hub/store.\n\n---\n\n## First Load\n\nCheck `scripts/.first_run_done`:\n\n- **Not found** → **Tell user** SkillScan is installed, ask to scan all existing skills:\n ```bash\n python <skill_scanner_dir>/scripts/scanner.py first-run\n ```\n `.first_run_done` is created automatically after completion.\n\n- **Found** → Skip, operate normally.\n\n---\n\n## Commands\n\n| Command | Usage |\n|---------|-------|\n| `scanner.py scan <path>` | Scan a single skill (.zip or directory) |\n| `scanner.py scan-all` | Scan all installed skills |\n| `scanner.py first-run` | First-time full scan |\n| `scanner.py upgrade` | Manual upgrade |\n\n---\n\n## Scan Rules\n\n- **.zip files** → Scan BEFORE installation. Block if fails.\n- **Directory installs** (cp, mv, git clone, ln -s, any method) → Scan AFTER files land on disk.\n- **Remote installs** (clawhub, skillhub, npx skills add, etc.) → Scan immediately after install.\n- **Unknown skills** → If user mentions a skill you haven't seen, scan it.\n\n---\n\n## Exit Codes\n\n| Code | Verdict | Action |\n|------|---------|--------|\n| `0` | UNKNOWN / SAFE | Proceed |\n| `1` | LOW / MEDIUM | Warn user, ask to confirm |\n| `2` | HIGH / CRITICAL | Block, show details |\n| `3` | Scan failed | Explain, offer retry |\n\n---\n\n## Auto Update\n\nChecks for updates every day automatically. Silent, no user action needed. Manual: `scanner.py upgrade`.\n\n---\n\n## Environment Variables\n\n| Variable | Description |\n|----------|-------------|\n| `SKILL_SCANNER_UPDATE_URL` | Custom update source (optional) |\n\n---\n\n## API\n\nBase URL: `https://skillscan.tokauth.com`\n\n| Step | Method | Path |\n|------|--------|------|\n| ① Cache lookup | GET | `/oapi/v1/skill-scan/search?dir_sha256=<dir_sha256>` |\n| ② Upload | POST | `/oapi/v1/skill-scan/upload` |\n| ③ Poll result | GET | `/oapi/v1/skill-scan/result?task_no=<task_no>` (poll every 20s, max 180s) |\n"
}
}