skill-audit-guardian
// Audit dropped ClawHub skill ZIPs, classify risk (SAFE/CAUTION/REMOVE), auto-sort files, and generate a plain-English security dashboard.
stars:1,933
forks:367
updated:March 4, 2026
SKILL.md Frontmatter
name: skill-audit-guardian
description: Audit dropped ClawHub skill ZIPs, classify risk (SAFE/CAUTION/REMOVE), auto-sort files, and generate a plain-English security dashboard.
version: 1.0.0
Skill Audit Guardian
Security helper for reviewing skill ZIPs before production install.
What it does
- Watches a drop folder for .zip files
- Audits each ZIP for suspicious patterns
- Scores and classifies into:
  - SAFE
  - CAUTION
  - REMOVE
- Auto-moves files into risk folders
- Generates a dashboard with plain-English reasoning per flagged line
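The audit-and-classify step listed above, sketched in Python as an added example (not the skill's own code): it reads each ZIP entry in place without extracting it and returns a class plus a plain-English reason per flagged line. The rules, weights, thresholds, the MAX_BYTES cap and the make_zip helper are all assumptions made for illustration.

```python
import io
import re
import zipfile

# Hypothetical rules: (pattern, weight, plain-English reason). Not the tool's own.
RULES = [
    (re.compile(rb"curl[^|\n]*\|\s*(ba)?sh"), 5, "pipes a download straight into a shell"),
    (re.compile(rb"base64\s+(-d|--decode)"), 3, "decodes hidden data at run time"),
    (re.compile(rb"\.ssh/|\.aws/credentials"), 4, "touches a credential location"),
]
MAX_BYTES = 1_000_000  # assumed per-file cap so a zip bomb is never fully inflated


def classify(score):
    """Assumed thresholds: 0 is SAFE, 1-4 is CAUTION, 5 or more is REMOVE."""
    return "REMOVE" if score >= 5 else "CAUTION" if score > 0 else "SAFE"


def audit_zip(source):
    """Scan an archive in place, without extracting; return (label, findings)."""
    score, findings = 0, []
    with zipfile.ZipFile(source) as zf:
        for info in zf.infolist():
            name = info.filename
            if name.startswith("/") or ".." in name.split("/"):
                score += 5
                findings.append((name, 0, "path escapes the extraction folder (zip slip)"))
                continue
            if info.flag_bits & 0x1:
                score += 2
                findings.append((name, 0, "encrypted entry cannot be inspected"))
                continue
            with zf.open(info) as fh:
                data = fh.read(MAX_BYTES)  # bounded read, whatever the header claims
            for lineno, line in enumerate(data.splitlines(), 1):
                for pattern, weight, reason in RULES:
                    if pattern.search(line):
                        score += weight
                        findings.append((name, lineno, reason))
    return classify(score), findings


def make_zip(files):
    """Build a constructed sample archive in memory from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in files.items():
            zf.writestr(name, body)
    return io.BytesIO(buf.getvalue())
```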
Included scripts
- scripts/skill-zip-audit.sh - One-shot ZIP auditor
- scripts/skill-zip-watch.sh - Continuous watcher + auto-sorter
- scripts/generate-skill-audit-pro.py - Dashboard generator (~/Desktop/skill-audit-pro.html)
Quick start
# One-shot audit
bash scripts/skill-zip-audit.sh ~/Desktop/skill-drop/example.zip
# Continuous mode (recommended)
bash scripts/skill-zip-watch.sh ~/Desktop/skill-drop
Folder output (watch mode)
- ~/Desktop/skill-drop/safe
- ~/Desktop/skill-drop/caution
- ~/Desktop/skill-drop/remove
- ~/Desktop/skill-drop/failed
Dashboard
open ~/Desktop/skill-audit-pro.html
Notes
- This is heuristic scanning, not a full malware sandbox.
- Always test CAUTION/REMOVE skills in an isolated environment first.