我要评分
获取效率
正确性
完整性
易理解

Manage Skills Supply Chain and Install Only Officially Maintained Built-in Skills

Install only officially maintained built-in skills. Review SKILL.md and the code logic before installation.

Official Source

How to Obtain

Description

ClawHub official repository

https://clawhub.ai/

It is the only official skill marketplace; all third-party mirror sites are unauthorized.

Built-in skills

Built into OpenClaw

No installation; available out of the box.

Official GitHub organization

github.com/openclaw

Officially maintained skill repository.

The only official repository is https://clawhub.ai/. Any other websites (such as openclawSkills.best) are third-party mirror sites, which are the primary sources of malicious skills.

Exercise extreme caution with skills involving curl, wget, network requests, or command execution. For sensitive tasks, you are advised to develop skills locally to maintain code sovereignty.

Category

Malicious Behavior

Spoofing Name

Credential theft

Reads and exfiltrates ~/.ssh, ~/.aws, browser password, and API key.

"ssh-manager", "aws-helper", and "key-manager"

File deletion

Executes rm -rf, deletes system files, and corrupts startup items.

"cleaner", "disk-free", and "temp-clean"

Backdoor implantation

Creates hidden users, opens reverse shells, and installs remote control tools.

"remote-assist" and "ssh-tunnel"

Cryptojacking

Silently downloads cryptocurrency mining software, heavily consuming CPU/GPU resources.

"system-optimizer" and "cpu-boost"

Data exfiltration

Packages private files and uploads them to unknown domain servers.

"backup-tool" and "sync-helper"

AI poisoning

Modifies SOUL.md or IDENTITY.md to alter or compromise the AI's core persona.

"personality-enhancer" and "soul-editor"

Privilege escalation

Attempts sudo, privilege escalation, or modification of system configurations.

"admin-helper" and "system-config"

Cyberattacks

Scans internal networks, attacks adjacent servers, or launches DDoS attacks.

"network-scanner" and "port-check"

Procedure

To disable third-party skills, you must implement a combination of security policies.

  1. Configure skills.allowBundled to ensure that only the specified built-in skills can be loaded; all other built-in skills will be ignored.
    • Method 1
      openclaw config set skills.allowBundled '["gog", "github", "weather", "clawhub", "healthcheck"]'
    • Method 2
      1. Open the configuration file.
        vim ~/.openclaw/openclaw.json
      2. Press i to enter the insert mode and configure skills.allowBundled.
        {
          "skills": {
            "allowBundled": [
              "gog",
              "github",
              "weather",
              "clawhub",
              "healthcheck"
            ]
          }
        }
      3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
  2. Clear the external skill loading directories.
    1. Open the configuration file.
      vim ~/.openclaw/openclaw.json
    2. Press i to enter the insert mode and configure skills.load.
      {
        "skills": {
          "load": {
            "extraDirs": [],
            "watch": false
          }
        }
      }
    3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
  3. Delete the existing third-party skill directories.
    1. Clear the local skill directory
      rm -rf ~/.openclaw/skills/*
    2. Clear the workspace skill directory (if any).
      rm -rf <workspace>/skills/*