Skip to content
Cisco AI Defense logo
CiscoAI Security

defenseclaw skill — DefenseClaw

Overview

defenseclaw skill — Manage OpenClaw skills — search, install, scan, block, allow, disable, enable, quarantine, restore.

Reference

Synopsis

defenseclaw skill [OPTIONS]

Subcommands

SubcommandDescription
allowAdd a skill to the install allow list.
blockAdd a skill to the install block list.
disableDisable a skill at runtime via the OpenClaw gateway.
enableEnable a previously disabled skill via the OpenClaw gateway.
infoShow detailed information about a skill.
installInstall and scan an OpenClaw skill via clawhub.
listList all OpenClaw skills with their latest scan severity.
quarantineQuarantine a skill's files to the quarantine area.
restoreRestore a quarantined skill to its original location.
scanScan a skill by name, path, URL, or 'all' for all configured skills.
searchSearch the ClawHub skill registry.
unblockRemove a skill from the block list and clear all enforcement state.

Description

Manage OpenClaw skills — search, install, scan, block, allow, disable, enable, quarantine, restore

defenseclaw skill allow

Add a skill to the install allow list

Add a skill to the install allow list.

Allow-listed skills skip the scan gate during install. Adding a skill also removes it from the block list.

defenseclaw skill allow <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--reasontextnoReason for allowing

defenseclaw skill block

Add a skill to the install block list

Add a skill to the install block list.

Blocked skills are rejected by 'skill install' before any scan. Does not affect already-running skills — use 'skill disable' or 'skill quarantine' for that.

defenseclaw skill block <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--reasontextnoReason for blocking

defenseclaw skill disable

Disable a skill at runtime via the OpenClaw gateway

Disable a skill at runtime via the OpenClaw gateway.

Sends a skills.update RPC to prevent the agent from using the skill's tools until re-enabled. This is runtime-only — it does not block install or quarantine files.

Requires the gateway to be running.

defenseclaw skill disable <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--reasontextnoReason for disabling

defenseclaw skill enable

Enable a previously disabled skill via the OpenClaw gateway

Enable a previously disabled skill via the OpenClaw gateway.

This is a runtime-only action.

defenseclaw skill enable <NAME>

Arguments

NameTypeArityRequired
nametext1yes

defenseclaw skill info

Show detailed information about a skill

Show detailed information about a skill.

Displays merged skill metadata from OpenClaw, latest scan results from the DefenseClaw audit database, and enforcement actions.

defenseclaw skill info <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--jsonbooleannoOutput skill info as JSON

defenseclaw skill install

Install and scan an OpenClaw skill via clawhub

Install and scan an OpenClaw skill via clawhub.

By default, install only runs the scan and reports findings — no enforcement actions are taken. Pass --action to apply the configured skill_actions policy (quarantine, disable, block) based on scan severity.

Use --force to overwrite an existing skill.

defenseclaw skill install <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--forcebooleannoForce install (overwrites existing)
--actionbooleannoApply skill_actions policy based on scan severity

defenseclaw skill list

List all OpenClaw skills with their latest scan severity

Options

FlagTypeDefaultEnv varRequiredDescription
--jsonbooleannoOutput merged skill list as JSON

defenseclaw skill quarantine

Quarantine a skill's files to the quarantine area

Quarantine a skill's files to the quarantine area.

Moves the skill's directory to ~/.defenseclaw/quarantine/skills/ and records the action. The skill can be restored with 'skill restore'.

defenseclaw skill quarantine <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--reasontextnoReason for quarantine

defenseclaw skill restore

Restore a quarantined skill to its original location

Restore a quarantined skill to its original location.

By default restores to the original path recorded during quarantine. Use --path to override the restore destination.

defenseclaw skill restore <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--pathtextnoOverride restore destination (defaults to original path)

defenseclaw skill scan

Scan a skill by name, path, URL, or 'all' for all configured skills

Scan a skill by name, path, URL, or 'all' for all configured skills.

Uses the native cisco-ai-skill-scanner SDK for local scans.

Remote scanning (--remote): When the sidecar runs on a remote host (e.g. via SSM port-forward), pass --remote to send the scan request to the sidecar API instead of running the scanner locally.

URL targets (fetch-to-temp): Pass an https:// URL or clawhub:// URI to download a skill package to a temp directory, scan it locally, then clean up. This lets you pre-screen skills before installing them.

Examples: defenseclaw skill scan https://example.com/skills/my-skill.tar.gz defenseclaw skill scan clawhub://my-skill@1.2.3

defenseclaw skill scan [TARGET]

Arguments

NameTypeArityRequired
targettext1no

Options

FlagTypeDefaultEnv varRequiredDescription
--jsonbooleannoOutput scan results as JSON
--pathtextnoOverride skill directory path
--remotebooleannoScan via sidecar API (for skills on a remote host)
--allbooleannoScan all configured skills
--actionbooleannoApply enforcement actions (quarantine/block/disable) based on findings

defenseclaw skill search

Search the ClawHub skill registry

Search the ClawHub skill registry.

Delegates to npx clawhub search &lt;query&gt; and displays results.

 Examples: defenseclaw skill search wiki defenseclaw skill search database --json

defenseclaw skill search <QUERY>

Arguments

NameTypeArityRequired
querytext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--jsonbooleannoOutput results as JSON

defenseclaw skill unblock

Remove a skill from the block list and clear all enforcement state

Remove a skill from the block list and clear all enforcement state.

Clears block, quarantine, and disable actions without adding to the allow list — the skill will go through normal scanning on next install.

To also restore quarantined files, run 'skill restore' after unblocking.

defenseclaw skill unblock <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Usage

Find, scan, and inspect skills

defenseclaw skill list --json
defenseclaw skill scan --path ./skills/acme --json
defenseclaw skill info acme --json

scan can target a path, remote URL, or all installed skills.

Change enforcement state

defenseclaw skill block acme --reason "unsafe network access"
defenseclaw skill allow acme --reason "approved exception"
defenseclaw skill restore acme --path ./skills/acme

State-changing commands write through the local enforcement store.

Related