clawsec-clawhub-checker

ClawHub reputation checker for clawsec-suite. Adds a standalone reputation gate before guarded skill installation.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "clawsec-clawhub-checker" with this command: npx skills add davida-ps/clawsec-clawhub-checker

ClawSec ClawHub Checker

Adds a reputation gate on top of the clawsec-suite guarded installer.

Operational Notes

  • Required runtime: node, clawhub, openclaw
  • Depends on: installed clawsec-suite
  • Side effects: none on other skills; this package does not rewrite installed suite files
  • Advisory-hook wiring is optional and manual in this release
  • Network behavior: reputation checks call ClawHub inspect/search endpoints
  • Trust model: scores are heuristic and confirmation-gated

What It Does

  1. Reads skill metadata from ClawHub (inspect --json)
  2. Evaluates scanner status (including VirusTotal summary when present)
  3. Applies additional reputation heuristics (age, updates, author history, downloads)
  4. Requires explicit --confirm-reputation when score is below threshold

Installation

Install after clawsec-suite:

npx clawhub@latest install clawsec-suite
npx clawhub@latest install clawsec-clawhub-checker

Optional preflight check (validates local paths and prints recommended command):

node ~/.openclaw/skills/clawsec-clawhub-checker/scripts/setup_reputation_hook.mjs

Usage

Run the enhanced installer directly from this skill:

node ~/.openclaw/skills/clawsec-clawhub-checker/scripts/enhanced_guarded_install.mjs \
  --skill some-skill \
  --version 1.0.0

If a skill is below threshold, rerun only with explicit approval:

node ~/.openclaw/skills/clawsec-clawhub-checker/scripts/enhanced_guarded_install.mjs \
  --skill some-skill \
  --version 1.0.0 \
  --confirm-reputation

Optional Advisory-Hook Wiring (Manual)

This release does not auto-patch clawsec-suite hook files.
If you rely on advisory alerts that include reputationWarning / reputationWarnings, wire the checker module manually:

  • Source module: ~/.openclaw/skills/clawsec-clawhub-checker/hooks/clawsec-advisory-guardian/lib/reputation.mjs
  • Target hook file: ~/.openclaw/skills/clawsec-suite/hooks/clawsec-advisory-guardian/handler.ts

Treat that wiring as a deliberate local customization and review it before enabling.

Exit Codes

  • 0 safe to install
  • 42 advisory confirmation required (from clawsec-suite)
  • 43 reputation confirmation required
  • 1 error

Configuration

Environment variables:

  • CLAWHUB_REPUTATION_THRESHOLD - Minimum score (0-100, default: 70)

Safety Notes

  • This is defense-in-depth, not a replacement for advisory matching
  • Scanner outputs can produce false positives and false negatives
  • Always review skill code before overriding warnings

Development

Key files:

  • scripts/enhanced_guarded_install.mjs
  • scripts/check_clawhub_reputation.mjs
  • scripts/setup_reputation_hook.mjs
  • hooks/clawsec-advisory-guardian/lib/reputation.mjs

License

GNU AGPL v3.0 or later - Part of the ClawSec security suite

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

Cclaw

Open-source comedy AI + video editing + poster generation. Create standup/sketch/manzai/scripts, edit videos via FFmpeg, and generate comedy posters via canv...

Registry SourceRecently Updated
3082kreator666
General

Bird Recognition Tool | 鸟类识别工具

Identifies bird species in images/videos of target areas. Supports recognition of no less than 500 common bird species, supports customized model training, s...

Registry SourceRecently Updated
81018072937735
General

Image Amazon Product Image Suite

A professional product image generation skill purpose-built for the Amazon e-commerce platform. Outputs comply with Amazon's image guidelines while optimizin...

Registry SourceRecently Updated
7040dlazyai
General

SearchOnlineAssets

Online asset search tool: queries public stock libraries (Pixabay) for high-quality photos, illustrations, vectors and videos, returning result metadata and...

Registry SourceRecently Updated
6820dlazyai