securityclaw-skill
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The installer script (scripts/install_securityclaw.py) facilitates the setup of background services using launchctl on macOS and systemctl on Linux to enable continuous monitoring. It also includes logic to install system dependencies via the host's package manager when authorized by the user.
- [COMMAND_EXECUTION]: The scanner script (scripts/securityclaw_scan.py) utilizes subprocess to manage its background operations and shutil to quarantine suspicious skills by moving them to a designated directory. These actions are consistent with the tool's primary security function.
- [EXTERNAL_DOWNLOADS]: The documentation references installation via npx from the author's official GitHub repository (mallen-lbx/SecurityClaw).
- [DATA_EXFILTRATION]: The notification system allows scan results and excerpts to be transmitted to external services, such as Telegram or user-defined webhooks. This functionality is intended for remote alerting and is controlled by the user's local notification configuration.
- [PROMPT_INJECTION]: The skill implements a rule catalog specifically designed to identify and flag prompt injection markers and adversarial instructions within other audited skills.
- [PROMPT_INJECTION]: Indirect prompt injection surface:
- Ingestion points: scripts/securityclaw_scan.py reads untrusted data from external skill files into memory for analysis.
- Boundary markers: Employs regular expression boundaries for pattern detection; however, it lacks specific delimiters when presenting audited content in reports.
- Capability inventory: Includes the ability to move filesystem directories (quarantine) and perform outbound network requests via HTTP POST (notifications).
- Sanitization: Implements content clamping for excerpts and utilizes XML escaping when generating service configuration files.
Audit Metadata