← Back to Skills Marketplace
chuddyrudd

ClawSentinel

by chuddyrudd · GitHub ↗ · v2.3.5
cross-platform ✓ Security Clean
535
Downloads
0
Stars
1
Active Installs
10
Versions
Install in OpenClaw
/install clawsentinel
Description
Pure local 2026 ClawHub/OpenClaw skill scanner. Detects ClawHavoc malware, MCP backdoors, obfuscated payloads, and supply-chain attacks. 100% read-only analy...
README (SKILL.md)

ClawSentinel v2.3

The sharpest skill auditor in the ClawHavoc era. Scans any skill markdown or GitHub repo for malicious patterns before you install it. Never executes code. Trained on public DataClaw dataset.

Security Guarantees

  • 100% local read-only analysis
  • Only fetches raw.githubusercontent.com when you explicitly audit a public GitHub repo
  • Zero telemetry in base version

How to use

Output Format

Always clean JSON.

Pro Tip

Run ClawSentinel on every skill before installing. ClawHub is infested right now.

Usage Guidance
This skill appears coherent and low-friction, but its claims are high-level and not verifiable from an instruction-only manifest. Before trusting it: (1) do not paste any secrets or private keys into the audit input; treat pasted content as potentially transmitted. (2) Confirm how your agent/platform enforces the 'read-only' and 'no-execution' guarantees (e.g., network access policies, sandboxing). (3) If you need stronger assurance, ask the publisher for source code or a reproducible local script you can run offline, and prefer auditing public repos by manually downloading and reviewing files rather than pasting sensitive material into third-party tools.
Capability Analysis
Type: OpenClaw Skill Name: clawsentinel Version: 2.3.5 The skill bundle describes a security auditing tool named ClawSentinel. Its `SKILL.md` clearly outlines its purpose as a local, read-only scanner for skill markdown and GitHub repositories, explicitly stating it fetches from `raw.githubusercontent.com` only when auditing a public GitHub repo. There is no evidence of malicious intent, data exfiltration, unauthorized execution, or prompt injection instructions designed to compromise the agent or user. The described network activity is consistent with its stated function as a GitHub repository auditor.
Capability Assessment
Purpose & Capability
Name and description (malware/skill scanner) align with the manifest: no install, no credentials, no unusual binaries or config paths are requested. Requesting nothing beyond user input is reasonable for a scanning-only skill.
Instruction Scope
SKILL.md instructs the agent to accept pasted markdown or an explicit GitHub repo URL and to fetch raw.githubusercontent.com only when asked. It explicitly claims 'Never executes code' and '100% local read-only analysis.' The instructions are high-level and do not direct the agent to read local files, env vars, or send data to other endpoints, but they also do not specify the exact checks performed or any safeguards against users pasting secrets. Because behavior is described in prose only, the claim of read-only/no-execution cannot be independently enforced from this manifest.
Install Mechanism
No install spec and no code files—lowest-risk form. Nothing will be written to disk by the skill itself according to the manifest.
Credentials
The skill declares no required environment variables, credentials, or config paths, which is proportionate to a read-only static scanner. Note: auditing private repos would normally require credentials, but none are requested here.
Persistence & Privilege
always is false and the skill does not request any persistent presence or system-level changes. Autonomous invocation is allowed by default but is not combined with other privilege escalations here.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install clawsentinel
  3. After installation, invoke the skill by name or use /clawsentinel
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.3.5
- Version rollback to 2.3.4 with a simplified feature set. - Restores pure local, read-only skill scanning—no attestations, remediation chains, or human escalation. - Detects ClawHavoc malware, MCP backdoors, obfuscated payloads, and supply-chain attacks with zero code execution. - No telemetry and fetches from GitHub only when explicitly auditing a repo. - Output limited to clean JSON for every audit. - Pro tip: Scan every skill before installation for maximum protection.
v2.3.4
**Major upgrade: ClawSentinel v3.0 "Legion Enhanced" introduces proof-backed attestations, automated remediation, and human escalation for skill security audits.** - Each audit now produces a signed attestation with hashes and pattern signatures for verifiable, tamper-evident results. - Automated remediation chains and actionable "next_actions" guide skill quarantine, admin notification, and safe replacement suggestions. - Confidence-based escalation: uncertain findings are automatically routed to human experts for review. - Intelligent caching with L0/L1 layers boosts speed and serves cached audits with stale-while-revalidate logic. - Reputation ledger and detailed trust metrics provide transparency and measurable auditor performance. - Expanded detection: now includes advanced ClawHavoc, wallet-drain, and agent/prompt-injection signatures. - Fully updated, detailed JSON output schema for clearer, auditable results.
v2.3.3
- Rolled back to version 2.3.3 with simplified functionality and description. - Focuses on pure local, read-only skill scanning for ClawHavoc malware, MCP backdoors, obfuscated payloads, and supply-chain attacks. - Removes attestation, automated remediation chains, human escalation, caching layers, and reputation tracking. - Output is a clean JSON report; no code execution or telemetry. - Usage instructions updated for local markdown and GitHub audits.
v3.0.0
v3.0 Legion Enhanced - Attestations, remediation chains, human escalation, L0/L1 caching, 12 ClawHavoc patterns
v2.3.2
- Minor update to documentation: clarified that there is "Zero telemetry" (removed "in base version"). - No changes to code or core functionality.
v2.3.1
v2.3.1 - Rollback to exact v2.3 Benign version
v2.4.2
v2.4.2 - SEO optimizations with better keywords and tags
v2.4.1
- Rolled back to version 2.3 from 2.4.1; no code or content changes detected. - Updated skill version and some descriptive text in SKILL.md to reflect the previous version. - No new features, bug fixes, or removals in this release.
v2.4.0
v2.4 - Full transparency on how it works, reproducible local verification, killed the last nitpick
v2.3.0
v2.3 - Clean rename from Safe Skill Auditor
Metadata
Slug clawsentinel
Version 2.3.5
License
All-time Installs 2
Active Installs 1
Total Versions 10
Frequently Asked Questions

What is ClawSentinel?

Pure local 2026 ClawHub/OpenClaw skill scanner. Detects ClawHavoc malware, MCP backdoors, obfuscated payloads, and supply-chain attacks. 100% read-only analy... It is an AI Agent Skill for Claude Code / OpenClaw, with 535 downloads so far.

How do I install ClawSentinel?

Run "/install clawsentinel" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is ClawSentinel free?

Yes, ClawSentinel is completely free (open-source). You can download, install and use it at no cost.

Which platforms does ClawSentinel support?

ClawSentinel is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created ClawSentinel?

It is built and maintained by chuddyrudd (@chuddyrudd); the current version is v2.3.5.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments