mayguard
A security auditor for agent skills. Scans skill directories for malicious patterns (credential theft, suspicious network calls, destructive commands) and provides a safety score. Use before installing unknown skills.
Packaged view
This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.
Install command
npx @skill-hub/cli install openclaw-skills-mayguard
Repository
Skill path: skills/balkanblbn/mayguard
Best for
Primary workflow: Run DevOps.
Technical facets: Full Stack, Security.
Target audience: everyone.
License: Unknown.
Original source
Catalog source: SkillHub Club.
Repository owner: openclaw.
This is still a mirrored public skill entry. Review the repository before installing into production workflows.
What it helps with
- Install mayguard into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
- Review https://github.com/openclaw/skills before adding mayguard to shared team environments
- Use mayguard for development workflows
Works across
Favorites: 0.
Sub-skills: 0.
Aggregator: No.
Original source / Raw SKILL.md
---
name: mayguard
description: A security auditor for agent skills. Scans skill directories for malicious patterns (credential theft, suspicious network calls, destructive commands) and provides a safety score. Use before installing unknown skills.
---
# MayGuard: Security Auditor 🛡️
MayGuard is a specialized tool for auditing the security of other agent skills. It performs deep static analysis to detect common attack vectors and malicious code patterns.
## 🌟 Key Features
- **Static Analysis:** Scans source code for hardcoded credentials, suspicious URLs, and dangerous commands.
- **Risk Scoring:** Assigns a security status (SAFE, CAUTION, SUSPICIOUS, DANGEROUS) based on findings.
- **Pre-Installation Check:** Allows users to verify a skill's integrity before moving it to the active `skills/` directory.
## 🛠️ How to Use
### 1. Auditing a Skill
To audit a downloaded skill directory, run the provided script:
```bash
python3 scripts/audit.py <path_to_skill_directory>
```
### 2. Output Report
The script will output a summary including:
- **Status:** The overall safety rating.
- **Risk Score:** Numerical representation of detected threats.
- **Findings:** Specific files and patterns that triggered warnings.
### 3. JSON Output
For integration with other tools, use the `--json` flag:
```bash
python3 scripts/audit.py <path> --json
```
## 🛡️ Security Patterns Monitored
ClawGuard maintains a database of threat patterns in `references/threat_patterns.json`, including:
- **Credential Theft:** Access to `.env`, SSH keys, or config files.
- **Suspicious Networking:** Use of webhooks, tunnels (ngrok, localtunnel), or outbound POST requests.
- **Destructive Commands:** `rm -rf /`, disk formatting, or privilege escalation.
- **Obfuscation:** Use of `eval`, `exec`, or base64 decoding to hide logic.
## 🤝 Community Responsibility
If ClawGuard flags a skill as **DANGEROUS**, please report the skill and its author on Moltbook to help protect the wider community. 🦞
---
*Built with ❤️ by maymun & Balkan.*
---
## Referenced Files
> The following files are referenced in this skill and included for context.
### scripts/audit.py
```python
import os
import re
import json
import argparse
import sys

# Constants
DEFAULT_PATTERNS_PATH = os.path.join(os.path.dirname(__file__), "../references/threat_patterns.json")


def load_patterns(path):
    """Load the category -> list-of-regex mapping from the patterns file."""
    try:
        with open(path, "r") as f:
            return json.load(f)
    except Exception as e:
        # Diagnostics go to stderr so they never mix into --json output
        print(f"Error loading patterns: {e}", file=sys.stderr)
        sys.exit(1)


def audit_directory(target_path, patterns):
    """Match every readable file under target_path against the threat patterns."""
    report = {
        "target": target_path,
        "findings": [],
        "risk_score": 0,
        "status": "SAFE"
    }

    if not os.path.isdir(target_path):
        print(f"Error: {target_path} is not a directory.", file=sys.stderr)
        sys.exit(1)

    for root, dirs, files in os.walk(target_path):
        for file in files:
            # Skip hidden files or specific extensions if needed
            if file.startswith('.') or file.endswith(('.pyc', '.skill', '.zip')):
                continue

            file_path = os.path.join(root, file)
            try:
                with open(file_path, "r", encoding="utf-8", errors="ignore") as f:
                    content = f.read()

                for category, regex_list in patterns.items():
                    for pattern in regex_list:
                        if re.search(pattern, content, re.IGNORECASE):
                            finding = {
                                "file": os.path.relpath(file_path, target_path),
                                "category": category,
                                "pattern": pattern
                            }
                            report["findings"].append(finding)
                            # Scoring: 20 points per matching pattern per file
                            # (no per-category cap is applied here)
                            report["risk_score"] += 20
            except Exception as e:
                print(f"Could not read {file_path}: {e}", file=sys.stderr)

    # Derive the status from the accumulated score
    if report["risk_score"] >= 80:
        report["status"] = "DANGEROUS"
    elif report["risk_score"] >= 40:
        report["status"] = "SUSPICIOUS"
    elif report["risk_score"] > 0:
        report["status"] = "CAUTION"

    return report


def main():
    parser = argparse.ArgumentParser(description="ClawGuard: Audit agent skills for security risks.")
    parser.add_argument("path", help="The path to the skill directory to audit.")
    parser.add_argument("--json", action="store_true", help="Output report in JSON format.")
    args = parser.parse_args()

    patterns = load_patterns(DEFAULT_PATTERNS_PATH)
    report = audit_directory(args.path, patterns)

    if args.json:
        print(json.dumps(report, indent=2))
    else:
        print("\n--- ClawGuard Audit Report ---")
        print(f"Target: {report['target']}")
        print(f"Status: {report['status']}")
        print(f"Risk Score: {report['risk_score']}")
        print(f"Findings: {len(report['findings'])}")
        print("-" * 30)
        for f in report['findings']:
            print(f"[{f['category'].upper()}] in {f['file']}: Match '{f['pattern']}'")
        print("-" * 30 + "\n")


if __name__ == "__main__":
    main()
```
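The audit loop above skips dotfiles and `.pyc`, `.skill` and `.zip` files without opening them, so a SAFE status says nothing about those files. The following coverage helper is an added example, not part of the MayGuard repository; the function names and the sample layout are constructed for illustration.

```python
import os
import tempfile

# Skip rule copied from the audit loop in scripts/audit.py.
SKIPPED_SUFFIXES = ('.pyc', '.skill', '.zip')


def coverage(target_path):
    """Split a skill directory into files the audit reads and files it skips."""
    scanned, skipped = [], []
    for root, _dirs, files in os.walk(target_path):
        for name in files:
            rel = os.path.relpath(os.path.join(root, name), target_path)
            rel = rel.replace(os.sep, "/")
            if name.startswith('.') or name.endswith(SKIPPED_SUFFIXES):
                skipped.append(rel)
            else:
                scanned.append(rel)
    return sorted(scanned), sorted(skipped)


def build_sample(root):
    """Create a constructed skill layout (file contents do not matter here)."""
    for rel in ("SKILL.md", "scripts/run.py", "scripts/.helper.py",
                ".env", "assets/bundle.zip", ".cache/data.txt"):
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as f:
            f.write("placeholder\n")


def demo():
    """Run coverage() over the constructed layout and return its result."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        return coverage(tmp)


if __name__ == "__main__":
    scanned, skipped = demo()
    print("read by the audit:", scanned)
    print("never opened, review by hand:", skipped)
```

Files inside a hidden directory are still read, because the rule tests only the file name; the skipped list is what a reviewer has to inspect separately before trusting the score.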
### references/threat_patterns.json
```json
{
  "credential_theft": [
    "\\.env",
    "id_rsa",
    "openclaw\\.json",
    "credentials",
    "passwd",
    "shadow",
    "~/.config"
  ],
  "suspicious_networking": [
    "webhook\\.site",
    "ngrok\\.io",
    "loca\\.lt",
    "curl -X POST",
    "requests\\.post",
    "socket\\.",
    "urllib\\.request",
    "aiohttp"
  ],
  "destructive_commands": [
    "rm -rf /",
    "truncate",
    "chmod 777",
    "chown root",
    "mkfs",
    "dd if=/dev/zero"
  ],
  "obfuscation": [
    "base64\\.b64decode",
    "eval\\(",
    "exec\\(",
    "getattr\\(",
    "__import__",
    "compile\\("
  ]
}
```
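Several of these patterns are bare words matched case-insensitively anywhere in a file, so ordinary content can accumulate a high score. The following triage helper is an added example, not part of the MayGuard repository: it applies four of the patterns above with the same weight and thresholds as `audit.py` to a constructed benign file and records the matching line numbers, which the original report omits. The names `triage`, `status_for` and the sample text are assumptions made for illustration.

```python
import re

# Four patterns copied verbatim from references/threat_patterns.json.
PATTERNS = {
    "credential_theft": ["credentials", "shadow"],
    "destructive_commands": ["truncate"],
    "obfuscation": ["getattr\\("],
}

# Constructed benign sample: a CSS rule, two comments and a small helper.
BENIGN = """\
.card { box-shadow: 0 1px 2px #000; }
# Truncate long titles before display
def label(obj, name):
    return getattr(obj, name, "")
# This skill never stores credentials.
"""


def status_for(score):
    """Same thresholds as audit.py."""
    if score >= 80:
        return "DANGEROUS"
    if score >= 40:
        return "SUSPICIOUS"
    return "CAUTION" if score > 0 else "SAFE"


def triage(content, patterns):
    """Return (score, status, hits); each hit lists (line number, text) pairs."""
    hits, score = [], 0
    lines = content.splitlines()
    for category, regex_list in patterns.items():
        for pattern in regex_list:
            rx = re.compile(pattern, re.IGNORECASE)
            # Per-line search equals audit.py's whole-file search for these
            # single-line patterns, and also yields the location.
            matched = [(n, ln.strip()) for n, ln in enumerate(lines, 1) if rx.search(ln)]
            if matched:
                score += 20  # audit.py weight: one hit per pattern per file
                hits.append({"category": category, "pattern": pattern, "lines": matched})
    return score, status_for(score), hits


if __name__ == "__main__":
    score, status, hits = triage(BENIGN, PATTERNS)
    print(status, score)
    for h in hits:
        for n, text in h["lines"]:
            print(f"  [{h['category']}] line {n}: {text}")
```

Seeing the matched line next to each finding lets a reviewer separate a `box-shadow` rule from a read of `/etc/shadow` before acting on the status.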
---
## Skill Companion Files
> Additional files collected from the skill directory layout.
### _meta.json
```json
{
  "owner": "balkanblbn",
  "slug": "mayguard",
  "displayName": "MayGuard",
  "latest": {
    "version": "1.0.0",
    "publishedAt": 1771794657725,
    "commit": "https://github.com/openclaw/skills/commit/89c5638dd8ff4e9440556a26f4bdbace50a626b9"
  },
  "history": []
}
```