Know what you're installing before you install it.

Static security analysis for OpenClaw AI agent skills. Detects prompt injection, credential theft, obfuscated payloads, and dangerous capability combinations.

19,461

Skills scanned

63.9

Avg trust score

1,555

Dangerous skills (8%)

8,433

Trusted skills (43.3%)

Trust Distribution

Trusted — 8,433 (43.3%)

Caution — 4,599 (23.6%)

Risky — 4,874 (25%)

Dangerous — 1,555 (8%)

Key Findings

5,679

Critical findings across all skills

2,090

High severity findings

12,727

Total findings detected

Most Common Capabilities

credential_access

3,326 (17.1%)

network_out

3,245 (16.7%)

package_install

2,740 (14.1%)

network_in

2,565 (13.2%)

data_encoding

1,045 (5.4%)

file_read

671 (3.4%)

agent_memory

654 (3.4%)

file_write

419 (2.2%)

process_exec

243 (1.2%)

dynamic_eval

157 (0.8%)

Browse Full Registry

Or read the State of OpenClaw Security report. Check the API docs to integrate auditing into your workflow, or read the blog for guides and analysis.