[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"extension-skill-prompt-security-clawsec-clawhub-checker-zh-CN":3,"guides-for-prompt-security-clawsec-clawhub-checker":580,"similar-k172a1fn4g03khkwby166vtxnn86m6y6-zh-CN":581},{"_creationTime":4,"_id":5,"children":6,"community":7,"display":9,"evaluation":15,"identity":257,"isFallback":240,"parentExtension":263,"providers":264,"relations":270,"repo":272,"tags":577,"workflow":578},1778695753353.6296,"k172a1fn4g03khkwby166vtxnn86m6y6",[],{"reviewCount":8},0,{"description":10,"installMethods":11,"name":13,"sourceUrl":14},"ClawHub reputation checker for clawsec-suite. Adds a standalone reputation gate before guarded skill installation.",{"claudeCode":12},"prompt-security/clawsec","ClawHub Reputation Checker","https://github.com/prompt-security/clawsec",{"_creationTime":16,"_id":17,"extensionId":5,"locale":18,"result":19,"trustSignals":238,"workflow":255},1778695794930.4355,"kn77acmz9d32n07k2ahf6zbj5986np89","en",{"checks":20,"evaluatedAt":192,"extensionSummary":193,"features":194,"nonGoals":200,"practices":204,"prerequisites":208,"promptVersionExtension":213,"promptVersionScoring":214,"purpose":215,"rationale":216,"score":217,"summary":218,"tags":219,"targetMarket":225,"tier":226,"useCases":227,"workflow":231},[21,26,29,32,36,39,43,47,50,53,57,61,64,68,71,74,77,80,83,86,90,94,98,102,106,109,113,116,121,124,127,130,133,136,139,143,147,150,153,157,160,163,166,169,173,176,179,182,185,189],{"category":22,"check":23,"severity":24,"summary":25},"Practical Utility","Problem relevance","pass","The description clearly states the problem of adding a reputation gate before guarded skill installations and identifies the target artifact ('clawsec-suite guarded installer').",{"category":22,"check":27,"severity":24,"summary":28},"Unique selling proposition","This skill offers a distinct value proposition by adding a heuristic-based reputation check and explicit confirmation step, going beyond the default guarded installer's functionality.",{"category":22,"check":30,"severity":24,"summary":31},"Production readiness","The extension is production-ready, with clear installation, usage, and configuration instructions, and covers the complete lifecycle of reputation checking before installation.",{"category":33,"check":34,"severity":24,"summary":35},"Scope","Single responsibility principle","The skill focuses solely on reputation checking and acting as a gate for guarded installations, adhering to a single responsibility.",{"category":33,"check":37,"severity":24,"summary":38},"Description quality","The displayed description accurately and concisely reflects the skill's functionality: a ClawHub reputation checker for clawsec-suite that gates installations.",{"category":40,"check":41,"severity":24,"summary":42},"Invocation","Scoped tools","The skill uses a single main script for installation (`enhanced_guarded_install.mjs`) which then calls a specialized reputation checking tool (`check_clawhub_reputation.mjs`), adhering to the principle of narrow tools.",{"category":44,"check":45,"severity":24,"summary":46},"Documentation","Configuration & parameter reference","All configuration options, including the `CLAWHUB_REPUTATION_THRESHOLD` environment variable and its default, are clearly documented.",{"category":33,"check":48,"severity":24,"summary":49},"Tool naming","The primary tools like `enhanced_guarded_install.mjs` and `check_clawhub_reputation.mjs` have descriptive names.",{"category":33,"check":51,"severity":24,"summary":52},"Minimal I/O surface","The skill's inputs (command-line arguments) are well-defined, and its outputs are structured JSON or specific exit codes, avoiding unnecessary data dumps.",{"category":54,"check":55,"severity":24,"summary":56},"License","License usability","The license is GNU AGPL v3.0 or later, a common and permissive open-source license, clearly declared in the LICENSE file and SKILL.md.",{"category":58,"check":59,"severity":24,"summary":60},"Maintenance","Commit recency","The last commit was on 2026-05-12, well within the last 3 months, indicating active maintenance.",{"category":58,"check":62,"severity":24,"summary":63},"Dependency Management","The project appears to use standard Node.js dependencies which are likely managed via npm/yarn, and the `check_clawhub_reputation.mjs` script indicates usage of Node.js built-in modules. No explicit third-party dependencies are called out as unmanaged.",{"category":65,"check":66,"severity":24,"summary":67},"Security","Secret Management","No secrets are hardcoded; the script relies on environment variables or external tools for credentials, and the output does not reveal sensitive information.",{"category":65,"check":69,"severity":24,"summary":70},"Injection","The script validates input slugs and versions rigorously, preventing injection attacks. It does not fetch or execute external code.",{"category":65,"check":72,"severity":24,"summary":73},"Transitive Supply-Chain Grenades","The skill relies on the `clawhub` CLI and Node.js built-ins, and all scripts are bundled, preventing runtime external data fetches that could lead to supply chain issues.",{"category":65,"check":75,"severity":24,"summary":76},"Sandbox Isolation","The script operates within the expected file paths (`~/.openclaw/skills`) and does not attempt to modify files outside its designated scope.",{"category":65,"check":78,"severity":24,"summary":79},"Sandbox escape primitives","No detached processes or retry loops around denied calls were observed in the provided scripts.",{"category":65,"check":81,"severity":24,"summary":82},"Data Exfiltration","The skill only calls external ClawHub endpoints for reputation data and does not exfiltrate any user data or credentials.",{"category":65,"check":84,"severity":24,"summary":85},"Hidden Text Tricks","The bundled scripts and markdown files do not contain any hidden text tricks or malicious Unicode characters.",{"category":87,"check":88,"severity":24,"summary":89},"Hooks","Opaque code execution","The provided JavaScript files are plain and readable, with no signs of obfuscation, base64 payloads, or runtime code fetching.",{"category":91,"check":92,"severity":24,"summary":93},"Portability","Structural Assumption","The script correctly references paths relative to the user's home directory and assumes standard installation locations for `clawsec-suite` and `clawhub`, making it portable.",{"category":95,"check":96,"severity":24,"summary":97},"Trust","Issues Attention","There are 0 open issues and 6 closed issues in the last 90 days, indicating good maintainer responsiveness and a healthy issue closure rate.",{"category":99,"check":100,"severity":24,"summary":101},"Versioning","Release Management","A meaningful semver version (0.0.3) is declared in the SKILL.md frontmatter and CHANGELOG.md.",{"category":103,"check":104,"severity":24,"summary":105},"Execution","Validation","Input arguments for skill slug and version are validated using regular expressions, preventing malformed inputs.",{"category":65,"check":107,"severity":24,"summary":108},"Unguarded Destructive Operations","The skill is designed to be non-destructive, primarily making read calls to ClawHub and relying on the underlying `clawsec-suite` for installation actions, which would have its own guards.",{"category":110,"check":111,"severity":24,"summary":112},"Code Execution","Error Handling","Errors are caught, parsed, and reported with specific messages, including exit codes for common failure scenarios.",{"category":110,"check":114,"severity":24,"summary":115},"Logging","The skill provides clear console output for its operations and uses distinct exit codes to indicate success, warnings, or errors, serving as an audit trail.",{"category":117,"check":118,"severity":119,"summary":120},"Compliance","GDPR","not_applicable","The skill does not operate on personal data; it queries public reputation data from ClawHub.",{"category":117,"check":122,"severity":24,"summary":123},"Target market","No regional or jurisdictional logic is apparent; the skill is global in scope.",{"category":91,"check":125,"severity":24,"summary":126},"Runtime stability","The skill uses standard Node.js modules and the `clawhub` CLI, ensuring cross-platform compatibility.",{"category":44,"check":128,"severity":24,"summary":129},"README","A comprehensive README file is present, clearly outlining the skill's purpose, installation, usage, and security considerations.",{"category":33,"check":131,"severity":24,"summary":132},"Tool surface size","The extension exposes a minimal set of entry points: `enhanced_guarded_install.mjs` and `setup_reputation_hook.mjs`, keeping the tool surface small.",{"category":40,"check":134,"severity":24,"summary":135},"Overlapping near-synonym tools","The skill uses distinct tools for specific functions (reputation check, installation setup) without redundant near-synonym names.",{"category":44,"check":137,"severity":24,"summary":138},"Phantom features","All advertised features, such as reputation checks and confirmation gates, are implemented and verifiable in the provided scripts.",{"category":140,"check":141,"severity":24,"summary":142},"Install","Installation instruction","Clear installation instructions with copy-pasteable commands and usage examples are provided in both the README and SKILL.md.",{"category":144,"check":145,"severity":24,"summary":146},"Errors","Actionable error messages","Errors provide clear messages, root causes (e.g., 'Invalid skill slug'), and remediation steps (e.g., 'run with --confirm-reputation').",{"category":103,"check":148,"severity":24,"summary":149},"Pinned dependencies","The script uses Node.js built-in modules and relies on the `clawhub` CLI, with no explicit third-party script dependencies requiring pinning. The Node.js runtime is implied.",{"category":33,"check":151,"severity":24,"summary":152},"Dry-run preview","The `enhanced_guarded_install.mjs` script includes a `--dry-run` flag, allowing users to preview the intended installation process without making changes.",{"category":154,"check":155,"severity":119,"summary":156},"Protocol","Idempotent retry & timeouts","The skill primarily makes read calls to external APIs and relies on the `clawsec-suite` for state-changing operations, making direct idempotency/timeout checks on its own handlers not applicable.",{"category":117,"check":158,"severity":24,"summary":159},"Telemetry opt-in","The extension does not appear to emit any telemetry; if it did, it would be expected to be opt-in by default. No telemetry is mentioned in the documentation.",{"category":40,"check":161,"severity":24,"summary":162},"Precise Purpose","The purpose is precisely defined: to add a reputation gate (what it does) before guarded skill installations (when to use), operating on skills and installation processes.",{"category":40,"check":164,"severity":24,"summary":165},"Concise Frontmatter","The frontmatter in SKILL.md is concise and self-contained, clearly stating the core capability and dependencies.",{"category":44,"check":167,"severity":24,"summary":168},"Concise Body","The SKILL.md body is well-structured and concise, delegating longer details to the README and script files, adhering to progressive disclosure principles.",{"category":170,"check":171,"severity":24,"summary":172},"Context","Progressive Disclosure","The SKILL.md outlines the main flow, and details like installation and usage are provided in the README, with scripts in their respective directories.",{"category":170,"check":174,"severity":119,"summary":175},"Forked exploration","This skill is not an exploration or deep review tool; it performs a specific check and acts as a gate, so forked exploration context is not applicable.",{"category":22,"check":177,"severity":24,"summary":178},"Usage examples","Sufficient and clear end-to-end usage examples are provided in both SKILL.md and README, demonstrating invocation and expected outcomes.",{"category":22,"check":180,"severity":24,"summary":181},"Edge cases","The skill handles edge cases like invalid slugs, missing versions, and low reputation scores, providing clear error messages and recovery steps (e.g., `--confirm-reputation`).",{"category":110,"check":183,"severity":119,"summary":184},"Tool Fallback","The skill does not rely on external MCP servers or custom tools beyond the `clawhub` CLI and Node.js built-ins, making fallbacks not applicable.",{"category":186,"check":187,"severity":24,"summary":188},"Safety","Halt on unexpected state","The script performs input validation and checks for valid paths, halting with clear error messages on unexpected states before proceeding with sensitive operations.",{"category":91,"check":190,"severity":24,"summary":191},"Cross-skill coupling","The skill operates standalone and explicitly documents its dependency on `clawsec-suite` for installation, without implicit coupling.",1778695794821,"This skill acts as a reputation gate for installing other skills managed by `clawsec-suite`. It queries ClawHub for reputation data, applies heuristic scoring, and requires explicit confirmation for low-scoring installations. It can also optionally provide reputation warnings in advisory alerts.",[195,196,197,198,199],"ClawHub reputation check","Heuristic scoring and thresholding","Explicit confirmation for low-reputation installs","Optional advisory hook integration","Standalone installation validation",[201,202,203],"Replacing the core functionality of clawsec-suite","Performing malware analysis beyond aggregated scanner data","Acting as a sole security arbiter for all skill installations",[205,206,207],"Security best practices","Error handling","Input validation",[209,210,211,212],"Node.js runtime","clawhub CLI","openclaw runtime","installed clawsec-suite","3.0.0","4.4.0","To enhance the safety of skill installations by adding a reputation-based security check before allowing installations, preventing the accidental deployment of untrusted or risky skills.","The extension is exceptionally well-documented, robust in its error handling and validation, and adheres strictly to security best practices. All checks passed with 'pass' severity.",100,"A high-quality, secure skill that adds a crucial reputation gate to guarded installations.",[220,221,222,223,224],"security","reputation","gate","installation","node","global","verified",[228,229,230],"Installing new skills from clawsec-suite when a reputation warning is issued","Auditing the reputation of a specific skill before installation","Setting custom reputation thresholds for automated deployments",[232,233,234,235,236,237],"Parse command-line arguments and environment variables.","Check ClawHub reputation for the specified skill and version.","Apply heuristic scoring and compare against threshold.","If reputation is low and not confirmed, exit with a confirmation required code.","If reputation is sufficient or confirmed, run the original guarded installer from clawsec-suite.","Exit with appropriate status code based on the outcome.",{"codeQuality":239,"collectedAt":241,"documentation":242,"maintenance":245,"security":251,"testCoverage":254},{"hasLockfile":240},true,1778695774206,{"descriptionLength":243,"readmeSize":244},114,17881,{"closedIssues90d":246,"forks":247,"hasChangelog":240,"manifestVersion":248,"openIssues90d":8,"pushedAt":249,"stars":250},6,104,"0.0.3",1778569911000,983,{"hasNpmPackage":252,"license":253,"smitheryVerified":252},false,"AGPL-3.0",{"hasCi":240,"hasTests":240},{"updatedAt":256},1778695794930,{"basePath":258,"githubOwner":259,"githubRepo":260,"locale":18,"slug":261,"type":262},"skills/clawsec-clawhub-checker","prompt-security","clawsec","clawsec-clawhub-checker","skill",null,{"evaluate":265,"extract":267},{"promptVersionExtension":213,"promptVersionScoring":214,"score":217,"tags":266,"targetMarket":225,"tier":226},[220,221,222,223,224],{"commitSha":268,"license":269},"HEAD","AGPL-3.0-or-later",{"repoId":271},"kd72phsqkbk8w57ctvf7ac9nqs86n9t4",{"_creationTime":273,"_id":271,"identity":274,"providers":275,"workflow":573},1778695744804.4285,{"githubOwner":259,"githubRepo":260,"sourceUrl":14},{"classify":276,"discover":548,"github":551},{"commitSha":268,"extensions":277},[278,292,308,318,334,359,386,398,422,435,446,475,487,504,516,528],{"basePath":279,"description":280,"displayName":281,"installMethods":282,"rationale":283,"selectedPaths":284,"source":291,"sourceLanguage":18,"type":262},"skills/claw-release","Release automation for Claw skills and website. Guides through version bumping, tagging, and release verification.","claw-release",{"claudeCode":12},"SKILL.md frontmatter at skills/claw-release/SKILL.md",[285,288],{"path":286,"priority":287},"SKILL.md","mandatory",{"path":289,"priority":290},"CHANGELOG.md","medium","rule",{"basePath":258,"description":10,"displayName":261,"installMethods":293,"rationale":294,"selectedPaths":295,"source":291,"sourceLanguage":18,"type":262},{"claudeCode":12},"SKILL.md frontmatter at skills/clawsec-clawhub-checker/SKILL.md",[296,297,300,301,304,306],{"path":286,"priority":287},{"path":298,"priority":299},"README.md","high",{"path":289,"priority":290},{"path":302,"priority":303},"scripts/check_clawhub_reputation.mjs","low",{"path":305,"priority":303},"scripts/enhanced_guarded_install.mjs",{"path":307,"priority":303},"scripts/setup_reputation_hook.mjs",{"basePath":309,"description":310,"displayName":311,"installMethods":312,"rationale":313,"selectedPaths":314,"source":291,"sourceLanguage":18,"type":262},"skills/clawsec-feed","Security advisory feed package for OpenClaw-related threats and vulnerabilities. The upstream feed is updated daily; local automation is handled by clawsec-suite or the operator.","clawsec-feed",{"claudeCode":12},"SKILL.md frontmatter at skills/clawsec-feed/SKILL.md",[315,316,317],{"path":286,"priority":287},{"path":298,"priority":299},{"path":289,"priority":290},{"basePath":319,"description":320,"displayName":321,"installMethods":322,"rationale":323,"selectedPaths":324,"source":291,"sourceLanguage":18,"type":262},"skills/clawsec-nanoclaw","Use when checking for security vulnerabilities in NanoClaw skills, before installing new skills, or when asked about security advisories affecting the bot","clawsec-nanoclaw",{"claudeCode":12},"SKILL.md frontmatter at skills/clawsec-nanoclaw/SKILL.md",[325,326,327,328,330,332],{"path":286,"priority":287},{"path":298,"priority":299},{"path":289,"priority":290},{"path":329,"priority":290},"INSTALL.md",{"path":331,"priority":303},"docs/INTEGRITY.md",{"path":333,"priority":303},"docs/SKILL_SIGNING.md",{"basePath":335,"description":336,"displayName":337,"installMethods":338,"rationale":339,"selectedPaths":340,"source":291,"sourceLanguage":18,"type":262},"skills/clawsec-scanner","Automated vulnerability scanner for agent platforms. Performs dependency scanning (npm audit, pip-audit), multi-database CVE lookup (OSV, NVD, GitHub Advisory), SAST analysis (Semgrep, Bandit), and agent-specific DAST hook execution testing for OpenClaw hooks.","clawsec-scanner",{"claudeCode":12},"SKILL.md frontmatter at skills/clawsec-scanner/SKILL.md",[341,342,343,345,347,349,351,353,355,357],{"path":286,"priority":287},{"path":289,"priority":290},{"path":344,"priority":303},"scripts/.gitkeep",{"path":346,"priority":303},"scripts/dast_hook_executor.mjs",{"path":348,"priority":303},"scripts/dast_runner.mjs",{"path":350,"priority":303},"scripts/query_cve_databases.mjs",{"path":352,"priority":303},"scripts/runner.sh",{"path":354,"priority":303},"scripts/sast_analyzer.mjs",{"path":356,"priority":303},"scripts/scan_dependencies.mjs",{"path":358,"priority":303},"scripts/setup_scanner_hook.mjs",{"basePath":360,"description":361,"displayName":362,"installMethods":363,"rationale":364,"selectedPaths":365,"source":291,"sourceLanguage":18,"type":262},"skills/clawsec-suite","ClawSec suite manager with embedded advisory-feed monitoring, cryptographic signature verification, approval-gated malicious-skill response, and guided setup for additional security skills.","clawsec-suite",{"claudeCode":12},"SKILL.md frontmatter at skills/clawsec-suite/SKILL.md",[366,367,368,370,372,374,376,378,380,382,384],{"path":286,"priority":287},{"path":289,"priority":290},{"path":369,"priority":290},"HEARTBEAT.md",{"path":371,"priority":303},"scripts/discover_skill_catalog.mjs",{"path":373,"priority":303},"scripts/generate_checksums_json.mjs",{"path":375,"priority":303},"scripts/guarded_skill_install.mjs",{"path":377,"priority":303},"scripts/local_file_io.mjs",{"path":379,"priority":303},"scripts/setup_advisory_cron.mjs",{"path":381,"priority":303},"scripts/setup_advisory_hook.mjs",{"path":383,"priority":303},"scripts/sign_detached_ed25519.mjs",{"path":385,"priority":303},"scripts/verify_detached_ed25519.mjs",{"basePath":387,"description":388,"displayName":389,"installMethods":390,"rationale":391,"selectedPaths":392,"source":291,"sourceLanguage":18,"type":262},"skills/clawtributor","Community incident reporting for AI agents. Contribute to collective security by reporting threats.","clawtributor",{"claudeCode":12},"SKILL.md frontmatter at skills/clawtributor/SKILL.md",[393,394,395,396],{"path":286,"priority":287},{"path":298,"priority":299},{"path":289,"priority":290},{"path":397,"priority":290},"reporting.md",{"basePath":399,"description":400,"displayName":401,"installMethods":402,"rationale":403,"selectedPaths":404,"source":291,"sourceLanguage":18,"type":262},"skills/hermes-attestation-guardian","Hermes-only runtime security attestation and drift detection skill for operator-managed Hermes infrastructure.","hermes-attestation-guardian",{"claudeCode":12},"SKILL.md frontmatter at skills/hermes-attestation-guardian/SKILL.md",[405,406,407,408,410,412,414,416,418,420],{"path":286,"priority":287},{"path":298,"priority":299},{"path":289,"priority":290},{"path":409,"priority":303},"scripts/check_advisories.mjs",{"path":411,"priority":303},"scripts/generate_attestation.mjs",{"path":413,"priority":303},"scripts/guarded_skill_verify.mjs",{"path":415,"priority":303},"scripts/refresh_advisory_feed.mjs",{"path":417,"priority":303},"scripts/setup_advisory_check_cron.mjs",{"path":419,"priority":303},"scripts/setup_attestation_cron.mjs",{"path":421,"priority":303},"scripts/verify_attestation.mjs",{"basePath":423,"description":424,"displayName":425,"installMethods":426,"rationale":427,"selectedPaths":428,"source":291,"sourceLanguage":18,"type":262},"skills/hermes-traffic-guardian","Hermes runtime traffic monitoring baseline for opt-in proxy inspection, egress detection, and attestation-aware traffic posture.","hermes-traffic-guardian",{"claudeCode":12},"SKILL.md frontmatter at skills/hermes-traffic-guardian/SKILL.md",[429,430,431,432,434],{"path":286,"priority":287},{"path":298,"priority":299},{"path":289,"priority":290},{"path":433,"priority":290},"SPEC.md",{"path":344,"priority":303},{"basePath":436,"description":437,"displayName":438,"installMethods":439,"rationale":440,"selectedPaths":441,"source":291,"sourceLanguage":18,"type":262},"skills/nanoclaw-traffic-guardian","NanoClaw runtime traffic monitoring baseline for host-side proxy inspection with container-safe MCP and IPC status surfaces.","nanoclaw-traffic-guardian",{"claudeCode":12},"SKILL.md frontmatter at skills/nanoclaw-traffic-guardian/SKILL.md",[442,443,444,445],{"path":286,"priority":287},{"path":298,"priority":299},{"path":289,"priority":290},{"path":433,"priority":290},{"basePath":447,"description":448,"displayName":449,"installMethods":450,"rationale":451,"selectedPaths":452,"source":291,"sourceLanguage":18,"type":262},"skills/openclaw-audit-watchdog","Automated daily security audits for OpenClaw agents with DM delivery and optional email reporting. Runs deep audits, creates or updates a recurring cron job, and sends formatted reports to configured recipients.","openclaw-audit-watchdog",{"claudeCode":12},"SKILL.md frontmatter at skills/openclaw-audit-watchdog/SKILL.md",[453,454,455,456,458,460,462,464,466,468,469,471,473],{"path":286,"priority":287},{"path":298,"priority":299},{"path":289,"priority":290},{"path":457,"priority":303},"examples/README.md",{"path":459,"priority":303},"examples/security-audit-config.example.json",{"path":461,"priority":303},"scripts/codex_review.sh",{"path":463,"priority":303},"scripts/load_suppression_config.mjs",{"path":465,"priority":303},"scripts/render_report.mjs",{"path":467,"priority":303},"scripts/run_audit_and_format.sh",{"path":352,"priority":303},{"path":470,"priority":303},"scripts/send_smtp.mjs",{"path":472,"priority":303},"scripts/sendmail_report.sh",{"path":474,"priority":303},"scripts/setup_cron.mjs",{"basePath":476,"description":477,"displayName":478,"installMethods":479,"rationale":480,"selectedPaths":481,"source":291,"sourceLanguage":18,"type":262},"skills/openclaw-traffic-guardian","OpenClaw runtime traffic monitoring baseline for opt-in HTTP/HTTPS proxy inspection, egress detection, and inbound injection detection.","openclaw-traffic-guardian",{"claudeCode":12},"SKILL.md frontmatter at skills/openclaw-traffic-guardian/SKILL.md",[482,483,484,485,486],{"path":286,"priority":287},{"path":298,"priority":299},{"path":289,"priority":290},{"path":433,"priority":290},{"path":344,"priority":303},{"basePath":488,"description":489,"displayName":490,"installMethods":491,"rationale":492,"selectedPaths":493,"source":291,"sourceLanguage":18,"type":262},"skills/picoclaw-security-guardian","Picoclaw security posture skill with advisory awareness, configuration drift detection, and supply-chain verification guidance.","picoclaw-security-guardian",{"claudeCode":12},"SKILL.md frontmatter at skills/picoclaw-security-guardian/SKILL.md",[494,495,496,497,498,500,502],{"path":286,"priority":287},{"path":298,"priority":299},{"path":289,"priority":290},{"path":409,"priority":303},{"path":499,"priority":303},"scripts/check_drift.mjs",{"path":501,"priority":303},"scripts/generate_profile.mjs",{"path":503,"priority":303},"scripts/verify_supply_chain.mjs",{"basePath":505,"description":506,"displayName":507,"installMethods":508,"rationale":509,"selectedPaths":510,"source":291,"sourceLanguage":18,"type":262},"skills/picoclaw-self-pen-testing","Picoclaw-only local posture-review skill focused on read-only findings and safe operator remediation guidance.","picoclaw-self-pen-testing",{"claudeCode":12},"SKILL.md frontmatter at skills/picoclaw-self-pen-testing/SKILL.md",[511,512,513,514],{"path":286,"priority":287},{"path":298,"priority":299},{"path":289,"priority":290},{"path":515,"priority":303},"scripts/self_pen_test.mjs",{"basePath":517,"description":518,"displayName":519,"installMethods":520,"rationale":521,"selectedPaths":522,"source":291,"sourceLanguage":18,"type":262},"skills/picoclaw-traffic-guardian","Picoclaw runtime traffic monitoring baseline for lightweight AI gateway proxy inspection, egress detection, and posture integration.","picoclaw-traffic-guardian",{"claudeCode":12},"SKILL.md frontmatter at skills/picoclaw-traffic-guardian/SKILL.md",[523,524,525,526,527],{"path":286,"priority":287},{"path":298,"priority":299},{"path":289,"priority":290},{"path":433,"priority":290},{"path":344,"priority":303},{"basePath":529,"description":530,"displayName":531,"installMethods":532,"rationale":533,"selectedPaths":534,"source":291,"sourceLanguage":18,"type":262},"skills/soul-guardian","Drift detection + baseline integrity guard for agent workspace files with automatic alerting support","soul-guardian",{"claudeCode":12},"SKILL.md frontmatter at skills/soul-guardian/SKILL.md",[535,536,537,538,540,542,544,546],{"path":286,"priority":287},{"path":298,"priority":299},{"path":289,"priority":290},{"path":539,"priority":303},"scripts/install_launchd_plist.py",{"path":541,"priority":303},"scripts/onboard_state_dir.py",{"path":543,"priority":303},"scripts/soul_guardian.py",{"path":545,"priority":303},"scripts/test_install_launchd_plist.py",{"path":547,"priority":303},"scripts/test_soul_guardian.py",{"sources":549},[550],"manual",{"closedIssues90d":246,"description":552,"forks":247,"homepage":553,"license":253,"openIssues90d":8,"pushedAt":249,"readmeSize":244,"stars":250,"topics":554},"A complete security skill suite for OpenClaw, Hermes, PicoClaw and NanoClaw agents (and variants). Protect your SOUL.md (etc') with drift detection, live security recommendations, automated audits, and skill integrity verification. All from one installable suite.","https://prompt.security/clawsec",[555,556,557,558,559,560,561,562,563,564,565,566,567,568,569,570,571,572],"clawdbot","clawdbot-skill","molt","moltbot-skill","moltbot-skills","openclaw","openclaw-extension","openclaw-plugin","openclaw-security","openclaw-skill","openclaw-skills","nanoclaw","hermes","hermes-agent","hermes-skill","hermes-skills","picoclaw","picoclaw-install",{"classifiedAt":574,"discoverAt":575,"extractAt":576,"githubAt":576,"updatedAt":574},1778695753156,1778695744804,1778695751173,[222,223,224,221,220],{"evaluatedAt":256,"extractAt":579,"updatedAt":256},1778695753353,[],[582,613,642,670,698,728],{"_creationTime":583,"_id":584,"community":585,"display":586,"identity":592,"providers":596,"relations":606,"tags":609,"workflow":610},1778699234184.6145,"k177qdcw49s89vk80gbm3d4q9s86nkvy",{"reviewCount":8},{"description":587,"installMethods":588,"name":590,"sourceUrl":591},"Diagnose and fix oh-my-claudecode installation issues",{"claudeCode":589},"Yeachan-Heo/oh-my-claudecode","omc-doctor","https://github.com/Yeachan-Heo/oh-my-claudecode",{"basePath":593,"githubOwner":594,"githubRepo":595,"locale":18,"slug":590,"type":262},"skills/omc-doctor","Yeachan-Heo","oh-my-claudecode",{"evaluate":597,"extract":604},{"promptVersionExtension":213,"promptVersionScoring":214,"score":598,"tags":599,"targetMarket":225,"tier":226},99,[223,600,601,602,595,603,224],"troubleshooting","diagnostics","claudecode","cli",{"commitSha":268,"license":605},"MIT",{"parentExtensionId":607,"repoId":608},"k17brg5egdw1jbncj1j4wfv3fh86n639","kd74zv63fryf9prygtq7gf4es986n22y",[602,603,601,223,224,595,600],{"evaluatedAt":611,"extractAt":612,"updatedAt":611},1778699506415,1778699234184,{"_creationTime":614,"_id":615,"community":616,"display":617,"identity":623,"providers":627,"relations":635,"tags":638,"workflow":639},1778696691708.3306,"k172evhhmbzzyp7g0t2caf4hfh86nsp9",{"reviewCount":8},{"description":618,"installMethods":619,"name":621,"sourceUrl":622},"First-run setup for ruvector@0.2.25 — installs ONNX/Brain/SONA add-ons, registers the MCP server, and verifies the install via `doctor`",{"claudeCode":620},"ruvnet/ruflo","vector-setup","https://github.com/ruvnet/ruflo",{"basePath":624,"githubOwner":625,"githubRepo":626,"locale":18,"slug":621,"type":262},"plugins/ruflo-ruvector/skills/vector-setup","ruvnet","ruflo",{"evaluate":628,"extract":634},{"promptVersionExtension":213,"promptVersionScoring":214,"score":217,"tags":629,"targetMarket":225,"tier":226},[630,223,631,632,633],"setup","ruvector","npm","dependencies",{"commitSha":268},{"parentExtensionId":636,"repoId":637},"k17710fw96s8hs1y3j2cye3aa586n523","kd7ed28gj8n0y3msk5dzrp05zs86nqtc",[633,223,632,631,630],{"evaluatedAt":640,"extractAt":641,"updatedAt":640},1778701365160,1778696691708,{"_creationTime":643,"_id":644,"community":645,"display":646,"identity":652,"providers":656,"relations":663,"tags":666,"workflow":667},1778695548458.3691,"k170v9zdk5jd1g1dwtya1fgzfx86n6dm",{"reviewCount":8},{"description":647,"installMethods":648,"name":650,"sourceUrl":651},"Install skills, agents, and teams from agent-almanac into any supported agentic framework using the CLI. Covers framework detection, content search, installation with dependency resolution, health auditing, and manifest-based syncing. Use when setting up a new project with agentic capabilities, installing specific skills or entire domains, targeting multiple frameworks simultaneously, or maintaining a declarative manifest of installed content.\n",{"claudeCode":649},"pjt222/agent-almanac","install-almanac-content","https://github.com/pjt222/agent-almanac",{"basePath":653,"githubOwner":654,"githubRepo":655,"locale":18,"slug":650,"type":262},"skills/install-almanac-content","pjt222","agent-almanac",{"evaluate":657,"extract":662},{"promptVersionExtension":213,"promptVersionScoring":214,"score":217,"tags":658,"targetMarket":225,"tier":226},[603,223,659,660,661],"framework-integration","discovery","agent-management",{"commitSha":268},{"parentExtensionId":664,"repoId":665},"k170h0janaa9kwn7cfgfz2ykss86mmh9","kd7aryv63z61j39n2td1aeqkvh86mh12",[661,603,660,659,223],{"evaluatedAt":668,"extractAt":669,"updatedAt":668},1778698810606,1778695548458,{"_creationTime":671,"_id":672,"community":673,"display":674,"identity":680,"providers":684,"relations":691,"tags":694,"workflow":695},1778699018122.7927,"k172qs5m5jvyrgpd8psfrfmz2s86m9vb",{"reviewCount":8},{"description":675,"installMethods":676,"name":678,"sourceUrl":679},"Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.",{"claudeCode":677},"wshobson/agents","secrets-management","https://github.com/wshobson/agents",{"basePath":681,"githubOwner":682,"githubRepo":683,"locale":18,"slug":678,"type":262},"plugins/cicd-automation/skills/secrets-management","wshobson","agents",{"evaluate":685,"extract":690},{"promptVersionExtension":213,"promptVersionScoring":214,"score":217,"tags":686,"targetMarket":225,"tier":226},[678,687,688,689,220],"ci-cd","vault","aws-secrets-manager",{"commitSha":268},{"parentExtensionId":692,"repoId":693},"k1748zrty6tytzs86tpyrrbaxn86mfmj","kd74de64zj0axtg5b8t7eqqe2x86nske",[689,687,678,220,688],{"evaluatedAt":696,"extractAt":697,"updatedAt":696},1778700789419,1778699018122,{"_creationTime":699,"_id":700,"community":701,"display":702,"identity":708,"providers":713,"relations":721,"tags":724,"workflow":725},1778698175626.3276,"k17cj6pbcgtrw523a4sw8mhcxn86mzvv",{"reviewCount":8},{"description":703,"installMethods":704,"name":706,"sourceUrl":707},"Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.",{"claudeCode":705},"trailofbits/skills","Semgrep Rule Creator","https://github.com/trailofbits/skills",{"basePath":709,"githubOwner":710,"githubRepo":711,"locale":18,"slug":712,"type":262},"plugins/semgrep-rule-creator/skills/semgrep-rule-creator","trailofbits","skills","semgrep-rule-creator",{"evaluate":714,"extract":720},{"promptVersionExtension":213,"promptVersionScoring":214,"score":217,"tags":715,"targetMarket":225,"tier":226},[716,220,717,718,719],"semgrep","static-analysis","code-quality","developer-tools",{"commitSha":268},{"parentExtensionId":722,"repoId":723},"k1757483sd0rdv04r5773w2tb986mb9g","kd7d5sbrd9m157hjv9c7v4wfyn86mk2f",[718,719,220,716,717],{"evaluatedAt":726,"extractAt":727,"updatedAt":726},1778699451460,1778698175626,{"_creationTime":729,"_id":730,"community":731,"display":732,"identity":738,"providers":742,"relations":749,"tags":752,"workflow":753},1778696595410.5671,"k17anj41t8hgk7k78wc98gw6a186n8ks",{"reviewCount":8},{"description":733,"installMethods":734,"name":736,"sourceUrl":737},"Prevent destructive operations using Claude Code hooks. Three modes — cautious (warn on dangerous commands), lockdown (restrict edits to one directory), and clear (remove restrictions). Uses PreToolUse matchers for Bash, Edit, and Write.",{"claudeCode":735},"rohitg00/pro-workflow","safe-mode","https://github.com/rohitg00/pro-workflow",{"basePath":739,"githubOwner":740,"githubRepo":741,"locale":18,"slug":736,"type":262},"skills/safe-mode","rohitg00","pro-workflow",{"evaluate":743,"extract":748},{"promptVersionExtension":213,"promptVersionScoring":214,"score":217,"tags":744,"targetMarket":225,"tier":226},[220,745,746,718,747],"guardrails","operations","hooks",{"commitSha":268},{"parentExtensionId":750,"repoId":751},"k17fxtjcfh5gvxdrhv2dmgn1t986mdhv","kd7am4e918eq98hrd9s31jm4vs86nn0b",[718,745,747,746,220],{"evaluatedAt":754,"extractAt":755,"updatedAt":754},1778696971063,1778696595410]