Quick overview
Compares two versions of an OpenClaw skill to surface security-relevant changes introduced between releases. Detects new network access, credential reads, code execution patterns, data exfiltration, and suspicious file additions. Produces a SAFE, REVIEW, or BLOCK recommendation based on what changed.
A static scanner checks a single version for known bad patterns, but the differ catches capabilities that are new between versions, which is where supply chain attacks hide.
Common tasks
- Auditing a skill update before applying it from ClawHub
- Catching new network calls added in a minor version bump
- Detecting credential access that wasn't in the previous release
- Spotting new script files added alongside a claimed bug fix
- Blocking updates that silently introduce eval or exec patterns
Install paths
Primary command
openclaw install trypto1019/arc-skill-differ
ClawHub installer
npx clawhub@latest install trypto1019/arc-skill-differ
OpenClaw CLI
openclaw skills install trypto1019/arc-skill-differ
Direct OpenClaw install
openclaw install trypto1019/arc-skill-differ
Skill metadata
- Category: Coding Agents & IDEs
- Language: Markdown
- Version: 1.0.0
- Security status: Benign
Review upstream source
The full public SKILL.md body is not directly fetchable for this entry right now, so this page is using the best available catalog metadata. Review the upstream source page for the latest files, version history, and security scan details: https://clawhub.ai/trypto1019/arc-skill-differ






