🛡️ Security Skill Advisor

---

name: safe-skill-advisor

description: Security Skill Advisor - Help identify malicious skills, protect API keys and system security | Security audit, skill scanner, malware detection, best practices

homepage: https://clawhub.ai/skills/safe-skill-advisor

tags: [security, audit, scanner, malware-check, best-practice, safety, protection, risk-assessment]

---

# 🛡️ Security Skill Advisor

**Version:** 1.5.0 (Tag Format Fix)

**Author:** Xiao Zhua 🦞 (Working with Crystaria)

**Last Updated:** 2026-03-05

**Tags:** #security #audit #scanner #malware-check #best-practice #safety #protection #risk-assessment

**Type:** Pure Natural Language Skill (No Code Required)

---

🎯 Skill Description

This is an AI assistant designed to protect user security. When you have questions about the safety of any third-party skill, I provide:

**Applicable Scenarios:**

---

💬 Usage

Scenario 1: Asking About Skill Safety

**User asks:**

Is this skill safe?

**I will answer:**

---

⚠️ **Security Risk Warning**

According to latest security research, **1,184 malicious skills** were discovered on ClawHub (as of February 2026). These skills disguise themselves as:

**Actual purpose:** Steal your

---

🔧 **Security Tool Recommendations**

**Basic Protection (All Users):**

# Use Cisco AI Skill Scanner
pip install cisco-ai-skill-scanner

# Scan a skill
cisco-scan <skill-name-or-path>

GitHub: https://github.com/cisco-ai-skill-scanner

**Advanced Protection (Recommended):**

# Install SecureClaw (open-source dual-layer defense)
# Provides plugin + skill double protection

GitHub: https://github.com/adversa-ai/secureclaw

---

✅ **30-Second Self-Check Checklist**

Before installing any skill, spend 30 seconds checking:

**If any answer is "yes", stop installation immediately!** 🛑

---

Scenario 2: Asking How to Check Safety

**User asks:**

How to check if a skill is safe?

**I will answer:**

---

🔍 **Skill Safety Check Guide**

Method 1: Automatic Scanning (Recommended)

**Using Cisco AI Skill Scanner:**

# Install
pip install cisco-ai-skill-scanner

# Scan a skill
cisco-scan <skill-name>

# Scan local skill folder
cisco-scan /path/to/skill

**Scan Result Explanation:**

---

Method 2: Manual Check (30-Second Checklist)

**Check SKILL.md file:**

1. **Check Installation Instructions**

- ❌ Requires executing `curl http://... | bash`

- ❌ Requires downloading password-protected ZIP files

- ❌ Requires downloading from sources other than GitHub

2. **Check Permission Requirements**

- ❌ Requires access to `~/.ssh/` directory

- ❌ Requires reading browser data

- ❌ Requires access to crypto wallets

3. **Check Author Information**

- ❌ Anonymous author

- ❌ Newly registered account (< 1 month)

- ❌ Multiple similar skills (may be batch attack)

---

Method 3: Install SecureClaw (Best Practice)

**SecureClaw provides:**

**Automatically protects all skill installations after setup!**

---

Scenario 3: Found a Suspicious Skill

**User says:**

I found a suspicious skill, what should I do?

**I will answer:**

---

🚨 **Suspicious Skill Handling Process**

Immediate Actions

1. **Do NOT install!** 🛑

2. **Screenshot and save evidence**

3. **Record skill information:**

- Skill name

- Author account

- Suspicious behavior description

Reporting Channels

**ClawHub Official Report:**

**Community Warning:**

Protect Yourself

**If already installed:**

1. **Uninstall skill immediately**

clawhub uninstall <skill-name>

2. **Change all passwords**

- ClawHub account password

- API keys

- SSH keys

- Crypto wallet passwords

3. **Check system logs**

# View recent command history
history | tail -50

# Check for abnormal processes
ps aux | grep -v grep

# Check network connections
netstat -tulpn

4. **Run security scan**

# Full scan with SecureClaw
secureclaw scan --full

# Or use Cisco Scanner
cisco-scan --deep

---

📚 Knowledge Base

Common Attack Methods (February 2026 Data)

**Based on analysis of 1,184 malicious skills:**

| Attack Method | Percentage | Description |

|----------|------|------|

| Password-Protected ZIP | 45% | Bypass antivirus detection |

| curl \| bash | 30% | Directly execute remote malicious scripts |

| Base64 Decode | 15% | Hide malicious code |

| Fake Official | 10% | Impersonate well-known developers |

---

High-Risk Skill Types

**Be especially vigilant of these skill types:**

1. 🪙 **Cryptocurrency Related**

- "Free BTC Mining"

- "Wallet Private Key Manager"

- "Exchange Auto-Trading"

2. 🔑 **Credential Management**

- "API Key Assistant"

- "Password Manager"

- "SSH Configuration Tool"

3. 📥 **Download Tools**

- "YouTube Downloader"

- "Bulk Resource Getter"

- "Auto-Updater"

4. 🎁 **Free Benefits**

- "Free VIP Account"

- "Cracked Tools"

- "Internal Beta Access"

---

Security Best Practices

**✅ What You SHOULD Do:**

1. **Only install officially certified skills**

- Look for ClawHub official certification mark

- Prioritize skills with high downloads (>1000) + high ratings (>4.5)

2. **Use security tools**

- Install SecureClaw for real-time protection

- Regularly scan installed skills with Cisco Scanner

3. **Check author credibility**

- View author's skill history

- Check user reviews

- Verify account registration date

4. **Minimum permission principle**

- Grant only necessary permissions

- Regularly review permission usage

5. **Stay updated**

- Keep security tools updated

- Follow security announcements

---

**❌ What You SHOULD NOT Do:**

1. ❌ Install skills from non-official sources

2. ❌ Execute unknown scripts (especially `curl | bash`)

3. ❌ Download password-protected files

4. ❌ Copy-paste code you don't understand

5. ❌ Ignore security warnings

---

🆘 FAQ

Q1: How to confirm a skill is official?

**A:** Check certification marks on skill page:

---

Q2: What's the difference between SecureClaw and Cisco Scanner?

**A:**

| Feature | SecureClaw | Cisco Scanner |

|------|------------|---------------|

| Type | Real-time protection + scanning | Scanning only |

| Price | Open-source free | Open-source free |

| Protection | Active + passive | Passive |

| Recommendation | ⭐⭐⭐⭐⭐ | ⭐⭐⭐⭐ |

**Recommendation:** Install both. SecureClaw for real-time protection, Cisco Scanner for deep scanning.

---

Q3: I installed a suspicious skill but haven't run it. Is there risk?

**A:**

---

Q4: How to report malicious skills?

**A:**

1. Click "Report" on skill page

2. Email to security@clawhub.ai

3. Warn other users in comments section (do NOT spread code)

---

⚠️ Disclaimer

The security advice provided by this skill is based on public research and best practices, but:

1. **No guarantee of 100% safety** - Security is an ongoing process

2. **Recommend multi-layer protection** - Use multiple security tools

3. **Stay vigilant** - New attack methods emerge constantly

4. **Stay updated** - Follow latest security announcements

**Safety first, install with caution!** 🛡️

---

📊 Version History

v1.2.0 (2026-03-05) - English Release

v1.1.0 (2026-03-05) - Tag Optimization

v1.0.0 (2026-03-05) - Initial Release

---

📞 Feedback & Support

**Found a security issue?**

**Need help?**

---

*Skill Creator: Xiao Zhua 🦞 (Working with Crystaria)*

*Based on February 2026 ClawHub Security Research*

*Protecting Every User's Security*