- Home
- Skills
- Prompt Security
- Clawsec
- Clawsec Clawhub Checker
clawsec-clawhub-checker_skill
- JavaScript
558
GitHub Stars
3
Bundled Files
2 months ago
Catalog Refreshed
3 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill prompt-security/clawsec --skill clawsec-clawhub-checker- README.md4.0 KB
- skill.json2.4 KB
- SKILL.md5.8 KB
Overview
This skill enhances the ClawSec guarded installer by adding ClawHub reputation checks and VirusTotal Code Insight signals before allowing skill installation. It provides a second layer of defense with risk scoring, detailed reports, and a double-confirmation flow for suspicious packages.
How this skill works
The skill wraps the guarded install flow to intercept installation requests and query ClawHub for VirusTotal Code Insight and other reputation signals. It combines advisory feed results with reputation metrics (age, author history, downloads) to produce a risk assessment and requires explicit confirmation when a skill falls below the configured threshold.
When to use it
- When installing new or untrusted skills from ClawHub
- As an additional safety check alongside an advisory feed
- When you want automated reputation scoring before automated deployments
- In environments where defense-in-depth is required for skill installation
- When auditing recent, low-download, or single-author skills
Best practices
- Install this skill after the main ClawSec suite so it hooks into the guarded installer
- Keep the CLAWHUB_REPUTATION_THRESHOLD configured to a value that matches your risk tolerance (default 70)
- Treat VirusTotal signals as heuristic—review flagged code manually before overriding
- Use the --confirm-reputation flag only after code review and operational assessment
- Check ClawHub web pages for OpenClaw internal check details since those are not exposed via API
Example use cases
- Block or pause installation of a newly published skill with low reputation until a human reviews the code
- Automatically require explicit confirmation for skills that present network calls, eval usage, or embedded keys
- Combine advisory feed results with reputation scoring to prioritize manual audits
- Integrate into CI gates to fail installations with reputation warnings unless explicitly approved
- Generate install-time reports that explain why a skill was flagged (VirusTotal findings, author history, age, downloads)
FAQ
No. The advisory feed remains primary; this skill adds a secondary reputation-based layer and double-confirmation for suspicious packages.
What do the exit codes mean?
Exit 0 = safe, 42 = advisory match (blocked), 43 = reputation warning (requires --confirm-reputation), 1 = general error.