概述

SafeHub

SafeHub is a security scanner for OpenClaw skills. It runs static analysis (Semgrep) and optional sandbox execution (Docker) on any skill—by name, local path, or GitHub URL—and returns a trust score and a clear recommendation: safe to install, install with caution, or not safe.

Requirements

These binaries must be on your PATH (declared in registry metadata):

Node.js (18+) — required to run the CLI.
Semgrep — required for the scan command (static analysis). Install with brew install semgrep or npm install -g semgrep.
git — required when the scan target is a GitHub URL (used to clone the repo).

Optional:

Docker — used for sandbox execution. If Docker is not available, use --no-sandbox for static-only scanning.

Environment variables

All of these are optional. No secrets or API tokens are required by default.

Variable	Default	Effect
----------	---------	--------
SAFEHUB_RULES_REPO	`safehub/safehub`	GitHub repo (owner/repo) used by `safehub update` to fetch and overwrite local rule files in `./rules`. Setting this to another repo makes the updater pull rules from that repo — use only repos you trust.
SAFEHUB_RULES_BRANCH	`main`	Branch name used when fetching rules (with `SAFEHUB_RULES_REPO`).
SAFEHUB_DATA_DIR	`~/.safehub`	Directory for cached scan reports (e.g. `~/.safehub/reports`).
SAFEHUB_SANDBOX_IMAGE	`node:18-alpine`	Docker image used for the sandbox when scanning.
SAFEHUB_SANDBOX_TIMEOUT_MS	`30000`	Timeout (ms) for the sandbox run before the container is killed.
SAFEHUB_NO_TYPING	(unset)	Set to `1` to disable the typing-effect output (e.g. in CI or pipes).

Important: SAFEHUB_RULES_REPO controls where safehub update downloads rules from and overwrites local ./rules; only point it at a repo you trust.

Commands

All commands are run via the safehub CLI (e.g. safehub scan or node index.js scan from the skill directory).

scan

Scan a skill by ClawHub name, local path, or GitHub URL.

Examples:

safehub scan web-scraper
safehub scan ./my-local-skill
safehub scan https://github.com/user/their-skill
safehub scan https://github.com/BenedictKing/tavily-web --no-sandbox

Options:

--no-sandbox — Skip Docker sandbox; run static analysis only (use when Docker is not installed).

report

Show the last scan report for a skill without rescanning.

Examples:

safehub report web-scraper
safehub report risky-skill

update

Pull the latest Semgrep scanner rules from the SafeHub GitHub repo (or your fork via SAFEHUB_RULES_REPO).

Examples:

safehub update
SAFEHUB_RULES_REPO=owner/repo safehub update

Example output

After running safehub scan , you’ll see:

Static analysis — Findings from Semgrep (network, filesystem, eval/exec, env, obfuscation).
Sandbox behavior — Whether the skill attempted network access or suspicious actions (when Docker is used).
Trust score (0–100) and recommendation: SAFE TO INSTALL, INSTALL WITH CAUTION, or NOT SAFE TO INSTALL.

Installation (users)

Install from ClawHub:

clawhub install safehub

Or install the CLI globally from npm:

npm install -g safehub

Then run safehub scan (if the CLI is on PATH) or node index.js scan from the skill directory.

版本历史

共 1 个版本

v1.0.2 当前

2026-03-30 11:19 安全安全

安全检测

腾讯云安全 (Keen)

安全，无风险

查看报告

腾讯云安全 (Sanbu)

安全，无风险

查看报告

SafeHub

概述

SafeHub

Requirements

Environment variables

Commands

scan

report

update

Example output

Installation (users)

版本历史

安全检测

腾讯云安全 (Keen)

腾讯云安全 (Sanbu)

🔗 相关推荐

MoltGuard - Security & Antivirus & Guardrails

1password

OpenClaw Backup