Zum Hauptinhalt springen
Dieser Inhalt ist noch nicht in Ihrer Sprache verfügbar und wird auf Englisch angezeigt.

ClawHub Reputation Checker

Skill Verifiziert Aktiv

ClawHub reputation checker for clawsec-suite. Adds a standalone reputation gate before guarded skill installation.

Zweck

To enhance the safety of skill installations by adding a reputation-based security check before allowing installations, preventing the accidental deployment of untrusted or risky skills.

Funktionen

  • ClawHub reputation check
  • Heuristic scoring and thresholding
  • Explicit confirmation for low-reputation installs
  • Optional advisory hook integration
  • Standalone installation validation

Anwendungsfälle

  • Installing new skills from clawsec-suite when a reputation warning is issued
  • Auditing the reputation of a specific skill before installation
  • Setting custom reputation thresholds for automated deployments

Nicht-Ziele

  • Replacing the core functionality of clawsec-suite
  • Performing malware analysis beyond aggregated scanner data
  • Acting as a sole security arbiter for all skill installations

Workflow

  1. Parse command-line arguments and environment variables.
  2. Check ClawHub reputation for the specified skill and version.
  3. Apply heuristic scoring and compare against threshold.
  4. If reputation is low and not confirmed, exit with a confirmation required code.
  5. If reputation is sufficient or confirmed, run the original guarded installer from clawsec-suite.
  6. Exit with appropriate status code based on the outcome.

Praktiken

  • Security best practices
  • Error handling
  • Input validation

Voraussetzungen

  • Node.js runtime
  • clawhub CLI
  • openclaw runtime
  • installed clawsec-suite

Installation

npx skills add prompt-security/clawsec

Führt das Vercel skills CLI (skills.sh) via npx aus — benötigt Node.js lokal und mindestens einen installierten skills-kompatiblen Agent (Claude Code, Cursor, Codex, …). Setzt voraus, dass das Repo dem agentskills.io-Format folgt.

Qualitätspunktzahl

Verifiziert
100 /100
Analysiert about 20 hours ago

Vertrauenssignale

Letzter Commit2 days ago
GitHub-Inhaber prompt-security (opens in new tab)
Sterne983
LizenzAGPL-3.0-or-later
Websiteprompt.security(opens in new tab)
Status
Quellcode ansehen

Ähnliche Erweiterungen

Omc Doctor

99

Diagnose and fix oh-my-claudecode installation issues

Skill
Yeachan-Heo

Vector Setup

100

First-run setup for ruvector@0.2.25 — installs ONNX/Brain/SONA add-ons, registers the MCP server, and verifies the install via `doctor`

Skill
ruvnet

Install Almanac Content

100

Install skills, agents, and teams from agent-almanac into any supported agentic framework using the CLI. Covers framework detection, content search, installation with dependency resolution, health auditing, and manifest-based syncing. Use when setting up a new project with agentic capabilities, installing specific skills or entire domains, targeting multiple frameworks simultaneously, or maintaining a declarative manifest of installed content.

Skill
pjt222

Secrets Management

100

Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.

Skill
wshobson

Semgrep Rule Creator

100

Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.

Skill
trailofbits

Safe Mode

100

Prevent destructive operations using Claude Code hooks. Three modes — cautious (warn on dangerous commands), lockdown (restrict edits to one directory), and clear (remove restrictions). Uses PreToolUse matchers for Bash, Edit, and Write.

Skill
rohitg00