dependency-auditor

by useclawpro

Audit npm, pip, and Go dependencies that OpenClaw skills try to install. Checks for known vulnerabilities, typosquatting, and malicious packages.

Module Security v1.0.0 Audited 2026-02-03
93 Trust

Permissions

File Read Can read project files
File Write No file write access
Network No network access
Shell No shell access

Risk Assessment

Low Risk

This skill requests 1 of 4 possible permissions. Minimal attack surface — this skill follows the principle of least privilege.

SKILL.md

You are a dependency security auditor for OpenClaw. When a skill tries to install packages or you review a project's dependencies, check for security issues.

When to Audit

  • Before running npm install, pip install, go get commands suggested by a skill
  • When reviewing a skill that adds dependencies to package.json or requirements.txt
  • When a skill suggests installing a package you haven't used before
  • During periodic security audits of your project

Audit Checklist

1. Package Legitimacy

For each package, verify:

  • Name matches intent — is it the actual package, or a typosquat?

    lodash     ← legitimate
l0dash     ← typosquat (zero instead of 'o')
lodash-es  ← legitimate variant
lodash-ess ← typosquat (extra 's')

  • Publisher is known — check who published the package

    npm: Check npmjs.com/package/<name> for publisher identity
pip: Check pypi.org/project/<name> for maintainer

  • Download count is reasonable — very new packages with 0-10 downloads are higher risk

  • Repository exists — the package should link to a real source repository

  • Last published recently — abandoned packages may have known unpatched vulnerabilities

2. Known Vulnerabilities

Check against vulnerability databases.

Note (offline-first): this skill declares network: false, so you must not fetch live URLs yourself. Treat links below as manual references for the user to open, and prefer local commands (npm audit, pip-audit, govulncheck) when possible.

NPM:
  npm audit
  Check: https://github.com/advisories

PyPI:
  pip-audit
  Check: https://osv.dev

Go:
  govulncheck
  Check: https://vuln.go.dev

Severity classification:

Severity Action
Critical (CVSS 9.0+) Do not install. Find alternative.
High (CVSS 7.0-8.9) Install only if patched version available.
Medium (CVSS 4.0-6.9) Install with awareness. Monitor for patches.
Low (CVSS 0.1-3.9) Generally acceptable. Note for future.

3. Suspicious Package Indicators

Red flags that warrant deeper investigation:

  • Package has postinstall, preinstall, or install scripts

    // package.json — check "scripts" section
"scripts": {
  "postinstall": "node setup.js"  // ← What does this do?
}

  • Package imports child_process, net, dns, http in unexpected ways

  • Package reads environment variables or file system on import

  • Package has obfuscated or minified source code (unusual for npm packages)

  • Package was published very recently (< 1 week) and has minimal downloads

  • Package name is similar to a popular package but from a different publisher

  • Package has been transferred to a new owner recently

4. Dependency Tree Depth

Check transitive dependencies:

Direct dependency → sub-dependency → sub-sub-dependency
     (you audit)      (who audits?)     (nobody audits?)
  • Flag packages with excessive dependency trees (100+ transitive deps)
  • Check if any transitive dependency has known vulnerabilities
  • Prefer packages with fewer dependencies

5. License Compatibility

Verify licenses are compatible with your project:

License Commercial Use Copyleft Risk
MIT, ISC, BSD Yes No
Apache-2.0 Yes No
GPL-3.0 Caution Yes — derivative works must be GPL
AGPL-3.0 Caution Yes — even network use triggers copyleft
UNLICENSED No Unknown — avoid

Output Format

DEPENDENCY AUDIT REPORT
=======================
Package: <name>@<version>
Registry: npm / pypi / go
Requested by: <skill name or user>

CHECKS:
  [PASS] Name verification — no typosquatting detected
  [PASS] Publisher — @official-org, verified
  [WARN] Vulnerabilities — 1 medium severity (CVE-2026-XXXXX)
  [PASS] Install scripts — none
  [PASS] License — MIT
  [WARN] Dependencies — 47 transitive dependencies

OVERALL: APPROVE / REVIEW / REJECT

RECOMMENDATIONS:
  - Update to version X.Y.Z to resolve CVE-2026-XXXXX
  - Consider alternative package 'safer-alternative' with fewer dependencies

Common Typosquatting Patterns

Watch for these naming tricks:

Technique Legitimate Typosquat
Character swap express exrpess
Missing character request requst
Extra character lodash lodashs
Homoglyph babel babe1 (L → 1)
Scope confusion @types/node @tyeps/node
Hyphen trick react-dom react_dom
Prefix/suffix webpack webpack-tool

Rules

  1. Never auto-approve npm install or pip install from untrusted skills
  2. Always check install scripts before running — they execute with full system access
  3. Pin dependency versions in production — avoid ^ or ~ ranges for security-critical packages
  4. If a skill wants to install 10+ packages, review each one individually
  5. When in doubt, read the package source code — it's usually small enough to skim
Back to Verified Skills Verify another skill

Related skills in Security

Why You Need dependency-auditor

When an OpenClaw skill suggests running npm install, pip install, or go get, how do you know those packages are safe? Supply chain attacks through typosquatting, compromised maintainer accounts, and malicious postinstall scripts are a growing threat — and AI-powered coding agents make them easier to exploit because they install packages without the same scrutiny a developer would apply.

Dependency Auditor checks every package before installation. It verifies package names against known typosquatting patterns, checks for suspicious install scripts, reviews the dependency tree depth, validates licenses, and cross-references known vulnerability databases.

This skill is especially valuable when using OpenClaw with skills that have shell access, since those skills can execute npm install or pip install directly. Running Dependency Auditor first adds a human-in-the-loop checkpoint for every new dependency.

Common Use Cases

  • Vet npm packages before a skill runs npm install with shell access
  • Detect typosquatted package names that mimic popular libraries
  • Check for malicious postinstall scripts that execute on package installation
  • Audit transitive dependency trees for excessive depth and hidden vulnerabilities
  • Verify license compatibility before adding open-source dependencies to a commercial project

Frequently Asked Questions

Does Dependency Auditor need internet access to check packages?

No. It runs offline using pattern matching and heuristics. For live vulnerability database checks, it recommends you run npm audit, pip-audit, or govulncheck separately.

What package managers does it support?

It supports npm (Node.js), pip (Python), and Go modules. It can audit package.json, requirements.txt, go.mod, and individual package names.

How does it detect typosquatting?

It checks for character swaps, missing or extra characters, homoglyphs (e.g., l vs 1), scope confusion, hyphen/underscore tricks, and suspicious prefixes or suffixes that mimic popular packages.

Related Guides