Prompt injection instructions
- Finding: Prompt-injection style instruction pattern detected.
Security checks across static analysis, malware telemetry, and agentic risk
The skill largely matches its stated purpose (sanitizing input and scanning skills) but contains several oddities and assumptions (hardcoded workspace paths, network install via npx, metadata/version mismatches) that warrant caution before installing or running it on a production system.
This skill appears to implement what it claims (text/URL/prompt scanning and a sanitize wrapper), but proceed carefully:
1. Review the included scripts before running them. They assume and will read/write under /home/clawdbot/clawd (WORKSPACE); edit that path to a safe location or run in an isolated container if you don't have that directory.
2. The --install flow uses 'npx clawhub install', which downloads and executes remote code; do not run that on production hosts unless you trust the upstream.
3. The code only echoes detections (no obvious exfiltration), but it will create logs/whitelist files; consider file permissions and where those end up.
4. There are small metadata/version inconsistencies in the package (_meta.json vs registry metadata); verify the source/owner before trusting.
Recommended: test in a sandbox VM or container, inspect/adjust WORKSPACE and log paths, and avoid running any network-install features until you confirm trust.
SkillSpector findings are pending for this release.
No VirusTotal findings