← Back to Skills Marketplace
10536
Downloads
8
Stars
76
Active Installs
20
Versions
Install in OpenClaw
/install clawsec-suite
Description
ClawSec suite manager with embedded advisory-feed monitoring, cryptographic signature verification, approval-gated malicious-skill response, and guided setup...
Usage Guidance
Install only if you are comfortable with a security skill that can add persistent OpenClaw hooks and optional unattended cron scans. Before enabling the hook or cron, verify the missing feed-signing key issue with the publisher or supply a trusted key path yourself; avoid CLAWSEC_ALLOW_UNSIGNED_FEED=1 except for a short, intentional migration window. Review the hook files and know how you will disable the hook and cron if the advisory feed or catalog source becomes untrusted.
Capability Assessment
Purpose & Capability
The stated purpose is an advisory-monitoring and guarded-install security suite, and the hook, feed checks, catalog discovery, and double-confirmation install flow generally match that purpose.
Instruction Scope
The skill discloses network fetches, local installed-skill inspection, state-file writes, hook setup, optional cron setup, and guarded installs; some trigger phrases are broad but sensitive setup still requires running explicit scripts.
Install Mechanism
Installation writes into the OpenClaw skills area, can replace the existing clawsec-suite destination, and uses signed release/checksum verification in the manual path; this is powerful but consistent with a skill installer/manager.
Credentials
The package metadata marks advisories/feed-signing-public.pem as required, but the artifact only contains advisories/feed.json; default hook and guarded-install code read that key before loading remote or local feeds, so the advertised fail-closed verification path may not work without an override or unsigned bypass.
Persistence & Privilege
The setup scripts install a persistent hook under ~/.openclaw/hooks and can create an unattended main-session OpenClaw cron job; this is disclosed and purpose-aligned, but it is high-impact persistence with no bundled uninstall/disable workflow in the artifacts reviewed.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clawsec-suite - After installation, invoke the skill by name or use
/clawsec-suite - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.10
Release 0.1.10 via CI
v0.1.9
Release 0.1.9 via CI
v0.1.8
Release 0.1.8 via CI
v0.1.7
Release 0.1.7 via CI
v0.1.6
Release 0.1.6 via CI
v0.1.5
Release 0.1.5 via CI
v0.1.4
Release 0.1.4 via CI
v0.1.3
Release 0.1.3 via CI
v0.1.2
Release 0.1.2 via CI
v0.1.1
Release 0.1.1 via CI
v0.1.0
Release 0.1.0 via CI
v0.0.10
Release 0.0.10 via CI
v0.0.9
Release 0.0.9 via CI
v0.0.8
Release 0.0.8 via CI
v0.0.6
Release 0.0.6 via CI
v0.0.5
Release 0.0.5 via CI
v0.0.4
Release 0.0.4 via CI
v0.0.3
Release 0.0.3 via CI
v0.0.2
Release 0.0.2 via CI
v0.0.1
Release 0.0.1 via CI
Metadata
Frequently Asked Questions
What is clawsec-suite?
ClawSec suite manager with embedded advisory-feed monitoring, cryptographic signature verification, approval-gated malicious-skill response, and guided setup... It is an AI Agent Skill for Claude Code / OpenClaw, with 10536 downloads so far.
How do I install clawsec-suite?
Run "/install clawsec-suite" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is clawsec-suite free?
Yes, clawsec-suite is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does clawsec-suite support?
clawsec-suite is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created clawsec-suite?
It is built and maintained by davida-ps (@davida-ps); the current version is v0.1.10.
More Skills