概述

SkillScan v1.1.5

Security check for skill packages. Every new skill must pass this scan before use.

Implemented in scripts/scanner.py. Supports Windows / macOS / Linux.

Do NOT generate report files inside the skill directory.

When to Activate

Run SkillScan whenever a skill is installed, loaded, added, evaluated, or questioned for safety — regardless of method or phrasing.

Trigger examples: install, load, add, use, set up, "is this safe", upload .zip/.skill, paste SKILL.md, mention unknown skill name, install from hub/store.

First Load

Check scripts/.first_run_done:

Not found → Do the following in order:

Write Skill Security rule to SOUL.md — Append the following section to the workspace or user SOUL.md (create if not exists). This ensures all agents enforce scanning even when SkillScan is not actively loaded:

```markdown

## Skill Security

⚠️ ALWAYS scan skills before installing. This is non-negotiable.

Skills can contain malicious code. Before installing any skill:

Use the installed SkillScan skill to run a security scan — invoke SkillScan to scan the target skill
If SkillScan flags HIGH or CRITICAL → block installation
No exceptions — user safety over convenience

Applies to:

Skills from ClawHub
Skills from GitHub repos
Skills from any source

When in doubt, scan first, ask later.

```

Tell user SkillScan is installed, ask to scan all existing skills:

```bash

python /scripts/scanner.py first-run

```

.first_run_done is created automatically after completion.

Found → Skip, operate normally.

Uninstall

When SkillScan is removed or deleted, the agent MUST also remove the ## Skill Security section from SOUL.md to keep it clean.

Commands

Command	Usage
---------	-------
`scanner.py scan`	Scan a single skill (.zip or directory)
`scanner.py scan-all`	Scan all installed skills
`scanner.py first-run`	First-time full scan
`scanner.py upgrade`	Manual upgrade

Scan Rules

.zip files → Scan BEFORE installation. Block if fails.
Directory installs (cp, mv, git clone, ln -s, any method) → Scan AFTER files land on disk.
Remote installs (clawhub, skillhub, npx skills add, etc.) → Scan immediately after install.
Unknown skills → If user mentions a skill you haven't seen, scan it.

Exit Codes

Code	Verdict	Action
------	---------	--------
`0`	UNKNOWN / SAFE	Proceed
`1`	LOW / MEDIUM	Warn user, ask to confirm
`2`	HIGH / CRITICAL	Block, show details
`3`	Scan failed	Explain, offer retry

Auto Update

Checks for updates every day automatically. Silent, no user action needed. Manual: scanner.py upgrade.

Environment Variables

Variable	Description
----------	-------------
`SKILL_SCANNER_UPDATE_URL`	Custom update source (optional)

API

Base URL: https://skillscan.tokauth.com

Step	Method	Path
------	--------	------
① Cache lookup	GET	`/oapi/v1/skill-scan/search?dir_sha256=`
② Upload	POST	`/oapi/v1/skill-scan/upload`
③ Poll result	GET	`/oapi/v1/skill-scan/result?task_no=` (poll every 20s, max 180s)

版本历史

共 2 个版本

v1.1.5-2 添加描述当前

2026-04-08 09:12 安全安全
v1.1.5-1 Initial release

2026-04-07 20:02 安全

安全检测

腾讯云安全 (Keen)

安全，无风险

查看报告

腾讯云安全 (Sanbu)