Skills
skills/openclaw/skills/guardskills/Gen Agent Trust Hub

guardskills

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs the guardskills package from the npm registry. This is a legitimate dependency required for the skill's security scanning functionality.
  • [COMMAND_EXECUTION]: The skill executes guardskills CLI commands to perform security analysis on other skills. This is the primary intended behavior of the skill.
  • [PROMPT_INJECTION]: This skill is susceptible to indirect prompt injection because it processes content from untrusted third-party skills.
  • Ingestion points: External skill files are read from local disks, GitHub repositories, and ClawHub URLs via scanning commands.
  • Boundary markers: The agent is instructed to read the scanner's output decision but no explicit delimiters are defined for the tool's raw output.
  • Capability inventory: The skill is used to decide whether to proceed with or block the installation of other software, which is a sensitive action.
  • Sanitization: There is no evidence of specific sanitization or filtering of the scanned content within the skill's prompt instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 09:49 AM