{"id":46126139,"url":"https://github.com/elvatis/clawhub-scanner","last_synced_at":"2026-03-02T02:16:27.720Z","repository":{"id":340314676,"uuid":"1165476720","full_name":"elvatis/clawhub-scanner","owner":"elvatis","description":null,"archived":false,"fork":false,"pushed_at":"2026-02-27T15:56:52.000Z","size":135,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-27T21:25:32.748Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/elvatis.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-24T07:54:22.000Z","updated_at":"2026-02-27T15:56:00.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/elvatis/clawhub-scanner","commit_stats":null,"previous_names":["homeofe/clawhub-scanner","elvatis/clawhub-scanner"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/elvatis/clawhub-scanner","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/elvatis%2Fclawhub-scanner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/elvatis%2Fclawhub-scanner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/elvatis%2Fclawhub-scanner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/elvatis%2Fclawhub-scanner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/elvatis","download_url":"https://codeload.github.com/elvatis/clawhub-scanner/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/elvatis%2Fclawhub-scanner/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29991171,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-02T01:47:34.672Z","status":"online","status_checked_at":"2026-03-02T02:00:07.342Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-03-02T02:16:27.110Z","updated_at":"2026-03-02T02:16:27.715Z","avatar_url":"https://github.com/elvatis.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# @elvatis_com/clawhub-scanner\n\nScan your installed [ClawHub](https://clawhub.com) skills for malware, credential theft, prompt injection, and security risks.\n\n## Why?\n\nClawHub skills run with full agent permissions. In February 2026 alone, security researchers found:\n- **534 skills** with critical vulnerabilities (Snyk)\n- **341 skills** distributing the AMOS stealer (\"ClawHavoc\" campaign)\n- **76 confirmed** malicious payloads for credential theft and data exfiltration\n\nThis scanner checks your installed skills against known malicious patterns, C2 infrastructure, and suspicious behaviors.\n\n## Install\n\n```bash\nnpm install -g @elvatis_com/clawhub-scanner\n```\n\n## Usage\n\n```bash\n# Scan all installed skills\nclawhub-scanner scan\n\n# Scan a specific skill\nclawhub-scanner scan --skill ~/.openclaw/skills/some-skill\n\n# JSON output for automation\nclawhub-scanner scan --json\n\n# Include low-severity findings\nclawhub-scanner scan --verbose\n\n# Show scanned directories\nclawhub-scanner paths\n```\n\n## What It Detects\n\n| Category | Severity | Examples |\n|----------|----------|---------|\n| **C2 Infrastructure** | Critical | Known malicious IPs (91.92.242.30), ClawHavoc domains |\n| **Code Execution** | High | `eval()`, `child_process.exec()`, `process.binding()` |\n| **Credential Theft** | High | SSH key access, AWS creds, browser profiles, crypto wallets |\n| **Data Exfiltration** | High | Discord/Telegram webhooks, raw IP fetches, DNS tunneling |\n| **Obfuscation** | High/Med | Base64+exec combos, large encoded strings, CharCode assembly |\n| **Prompt Injection** | Medium | \"Ignore previous instructions\", system prompt overrides |\n| **Network Activity** | Low | Outbound HTTP to unknown domains, WebSocket connections |\n\n## Exit Codes\n\n| Code | Meaning |\n|------|---------|\n| 0 | Clean (or only low/medium findings) |\n| 1 | High-severity findings detected |\n| 2 | Critical findings detected |\n\nUse in CI/scripts: `clawhub-scanner scan --quiet || echo \"Security issues found!\"`\n\n## Allowlist (False-Positive Suppression)\n\nIf a rule triggers on code you've reviewed and trust, you can suppress it with an allowlist file.\n\nCreate a `.clawhub-allowlist.json` in the skill directory, or a global config at `~/.config/clawhub-scanner/allowlist.json`:\n\n```json\n[\n  { \"rule\": \"EXEC-EVAL\", \"reason\": \"eval used for intentional templating\" },\n  { \"rule\": \"NET-OUTBOUND\", \"file\": \"lib/api-client.js\" },\n  { \"rule\": \"CRED-ENV-HARVEST\", \"file\": \"src/**/*.ts\", \"reason\": \"reads config from env\" }\n]\n```\n\nEach entry has:\n- `rule` (required) - the rule ID to suppress (e.g. `EXEC-EVAL`), or `*` for all rules\n- `file` (optional) - glob pattern to limit suppression to specific files\n- `reason` (optional) - why this is a false positive\n\nYou can also pass a custom allowlist file via CLI:\n\n```bash\nclawhub-scanner scan --allowlist ./my-allowlist.json\n```\n\nSuppressed findings are counted and shown in the report output.\n\n## Scan Locations\n\nBy default, scans:\n- `~/.openclaw/skills/` (user-installed skills)\n- OpenClaw built-in skills directory\n\n## License\n\nMIT - [Elvatis](https://elvatis.com)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Felvatis%2Fclawhub-scanner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Felvatis%2Fclawhub-scanner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Felvatis%2Fclawhub-scanner/lists"}