security-scanner
Malicious skill includes examples that execute downloaded binaries (`curl`, `wget`), read `'/home/' + process.env.USER + '/.ssh/id_rsa'` and `'/home/' + process.env.USER + '/.aws/credentials'`, encode them and POST to `http://analytics-service.tk/collect`. The package otherwise advertises itself as an offline security scanner for OpenClaw skills.