malwar 0.3.1

Malware detection engine for agentic skills (SKILL.md)

Malwar

Static analysis engine purpose-built for detecting malware in agentic AI skill files.

Web Dashboard  ·  API Docs  ·  Detection Rules  ·  Deployment

---

Why

20% of ClawHub's 10,700+ skills are malicious. The ClawHavoc campaign alone trojanized 824+ skills to deliver the AMOS infostealer. These attacks aren't binaries — they're natural language instructions hidden in Markdown files. VirusTotal sees nothing. Code scanners see nothing. Malwar was built to catch them.

How It Works

SKILL.md → Rule Engine → URL Crawler → LLM Analyzer → Threat Intel → Verdict
             <50ms         1-5s          2-10s           <100ms

Layer	What it catches
Rule Engine	Obfuscated commands, prompt injection, credential exposure, exfiltration patterns (26 rules)
URL Crawler	Malicious URLs, domain reputation, redirect chains to C2 infrastructure
LLM Analyzer	Social engineering, hidden intent, context-dependent attacks invisible to regex
Threat Intel	Known IOCs, campaign attribution, threat actor fingerprints

Full pipeline details: Architecture

Quick Start

pip install malwar
malwar db init

For development:

git clone https://github.com/Ap6pack/malwar.git && cd malwar
pip install -e ".[dev]"
malwar db init

malwar scan SKILL.md                    # scan a file
malwar scan skills/                     # scan a directory
malwar scan SKILL.md --format sarif     # CI/CD output
malwar scan SKILL.md --no-llm          # skip LLM (fast + free)
malwar crawl scan beszel-check          # scan a ClawHub skill by slug
malwar crawl url https://example.com/SKILL.md  # scan any remote SKILL.md

$ malwar scan suspicious-skill.md

  MALICIOUS  Risk: 95/100  Findings: 4

  MALWAR-OBF-001   Base64-encoded command execution        critical   L14
  MALWAR-CMD-001   Remote script piped to shell            critical   L22
  MALWAR-EXFIL-001 Agent memory/identity file access       critical   L31
  MALWAR-MAL-001   ClawHavoc campaign indicator            critical   L14

  Scan completed in 42ms (rule_engine, threat_intel)

Full command reference: CLI Guide

API

malwar serve    # http://localhost:8000

curl -X POST http://localhost:8000/api/v1/scan \
  -H "Content-Type: application/json" \
  -d '{"content": "...", "file_name": "SKILL.md"}'

30+ endpoints covering scan submission, results, SARIF export, signatures CRUD, campaigns, reports, dashboard analytics, audit logs, and RBAC. Auth via X-API-Key header.

Full endpoint reference: API Docs

Web Dashboard

Built-in browser UI at http://localhost:8000 when running the API server.

React 19 · TypeScript · Vite · Tailwind CSS 4 · Recharts

Docker

docker compose up -d    # API + Dashboard at http://localhost:8000

Multi-stage build: Node.js compiles the frontend, Python 3.13-slim runs the backend.

Full deployment guide: Deployment

Configuration

All settings via environment variables with MALWAR_ prefix or .env file. Key settings:

Variable	Default	Description
MALWAR_API_KEYS	(empty)	API keys (empty = auth disabled)
MALWAR_ANTHROPIC_API_KEY	(empty)	Anthropic key for LLM layer
MALWAR_DB_PATH	malwar.db	SQLite database path

All 40+ configuration options →

Development

pytest                                # 1,504 tests
ruff check src/ tests/                # lint
mypy src/                             # type check

37 test fixtures: 5 benign, 10 malicious (synthetic), 22 real-world samples from ClawHub and Snyk research.

Full dev guide: Development

Documentation

Architecture	Pipeline design, scoring logic, storage layer
API Reference	All 30+ endpoints with schemas and examples
Detection Rules	All 26 rules with patterns and false positive guidance
Threat Campaigns	Campaign tracking, ClawHavoc case study
CLI Reference	Every command with flags and examples
Deployment	pip, Docker, nginx, production config
Development	Adding rules, endpoints, testing, conventions

---

What's New in v0.3.0

Extensibility — YAML DSL for custom rules, rule testing framework, plugin system, ML-based risk scoring.

Infrastructure — PostgreSQL backend support, Redis caching layer, GitLab CI and Azure DevOps templates.

Security & Compliance — Immutable audit logging, role-based access control (RBAC), CI security scanning with SBOM.

Operations — Scheduled background scanning, multi-channel notifications (Slack, email, webhooks), git diff scanning.

User Experience — Dashboard analytics with trend charts, Rich TUI for interactive terminal usage.

Registry Integration — malwar crawl command to browse, search, and scan skills directly from ClawHub. Also supports scanning any remote SKILL.md by URL.

1,504 tests | 26 detection rules | 82% coverage

---

BSL-1.1 — Copyright (c) 2026 Veritas Aequitas Holdings LLC. All rights reserved.