clawsec-clawhub-checker_skill

This skill enhances skill installation safety by checking VirusTotal reputation and advisories before installing any skill in ClawHub.
  • JavaScript

558

GitHub Stars

3

Bundled Files

2 months ago

Catalog Refreshed

3 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill prompt-security/clawsec --skill clawsec-clawhub-checker

  • README.md4.0 KB
  • skill.json2.4 KB
  • SKILL.md5.8 KB

Overview

This skill enhances the ClawSec guarded installer by adding ClawHub reputation checks and VirusTotal Code Insight signals before allowing skill installation. It provides a second layer of defense with risk scoring, detailed reports, and a double-confirmation flow for suspicious packages.

How this skill works

The skill wraps the guarded install flow to intercept installation requests and query ClawHub for VirusTotal Code Insight and other reputation signals. It combines advisory feed results with reputation metrics (age, author history, downloads) to produce a risk assessment and requires explicit confirmation when a skill falls below the configured threshold.

When to use it

  • When installing new or untrusted skills from ClawHub
  • As an additional safety check alongside an advisory feed
  • When you want automated reputation scoring before automated deployments
  • In environments where defense-in-depth is required for skill installation
  • When auditing recent, low-download, or single-author skills

Best practices

  • Install this skill after the main ClawSec suite so it hooks into the guarded installer
  • Keep the CLAWHUB_REPUTATION_THRESHOLD configured to a value that matches your risk tolerance (default 70)
  • Treat VirusTotal signals as heuristic—review flagged code manually before overriding
  • Use the --confirm-reputation flag only after code review and operational assessment
  • Check ClawHub web pages for OpenClaw internal check details since those are not exposed via API

Example use cases

  • Block or pause installation of a newly published skill with low reputation until a human reviews the code
  • Automatically require explicit confirmation for skills that present network calls, eval usage, or embedded keys
  • Combine advisory feed results with reputation scoring to prioritize manual audits
  • Integrate into CI gates to fail installations with reputation warnings unless explicitly approved
  • Generate install-time reports that explain why a skill was flagged (VirusTotal findings, author history, age, downloads)

FAQ

No. The advisory feed remains primary; this skill adds a secondary reputation-based layer and double-confirmation for suspicious packages.

What do the exit codes mean?

Exit 0 = safe, 42 = advisory match (blocked), 43 = reputation warning (requires --confirm-reputation), 1 = general error.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational