Security scanner for OpenClaw skills with Clawdex integration. Analyzes SKILL.md and scripts for dangerous permissions, hardcoded secrets, shell injection vulnerabilities, and malicious code patterns. Automatically uses Clawdex database if installed for known-malicious skill detection. Use when (1) installing a skill from an untrusted source, (2) developing a skill before publishing, (3) auditing installed skills, or (4) running CI/CD security checks.

集成Clawdex的OpenClaw技能安全扫描器，分析SKILL.md文件和脚本中的危险权限、硬编码密钥、Shell注入漏洞和恶意代码模式。若已安装Clawdex数据库，将自动用于识别已知恶意技能。适用于以下场景：(1) 从不可信来源安装技能，(2) 发布技能前进行开发审查，(3) 审计已安装的技能，(4) 执行CI/CD安全检查