{"skill":{"slug":"clawproof-security","displayName":"ClawProof Security Scanner","summary":"Enterprise-grade security for OpenClaw - blocks malicious skills, detects hallucinated packages, and prevents prompt injection attacks. Powered by agent-secu...","tags":{"ai-safety":"3.10.3","ast-analysis":"3.10.3","auto-fix":"3.10.3","latest":"3.10.3","malware-detection":"3.10.3","openclaw-security":"3.10.3","package-verification":"3.10.3","prompt-injection":"3.10.3","security":"3.10.3","supply-chain":"3.10.3","vulnerability-scanner":"3.10.3"},"stats":{"comments":0,"downloads":459,"installsAllTime":1,"installsCurrent":1,"stars":0,"versions":1},"createdAt":1771692856737,"updatedAt":1777525305248},"latestVersion":{"version":"3.10.3","createdAt":1771692856737,"changelog":"Initial ClawHub release - Enterprise-grade security for OpenClaw\n\nšŸ†• Features:\n ā€¢ 6-layer deep skill scanning with ClawHavoc malware signatures\n ā€¢ Prompt injection firewall (59 bypass detection techniques)\n ā€¢ Package hallucination detection (4.3M+ verified packages)\n ā€¢ Code vulnerability scanning (1700+ rules, 12 languages)\n ā€¢ Auto-fix engine (165 security fix templates)\n ā€¢ Pre-execution safety checks for agent actions\n ā€¢ Supply chain verification with typosquatting detection\n\n šŸŽÆ Security Coverage:\n ā€¢ ClawHavoc malware (27 families, 121 patterns)\n ā€¢ SQL injection, XSS, command injection\n ā€¢ Hardcoded secrets and credential leaks\n ā€¢ Crypto miners, reverse shells, C2 beacons\n ā€¢ Data exfiltration and mass messaging attacks\n\n āš” Performance:\n ā€¢ 97.7% precision (benchmarked)\n ā€¢ <45s analysis per file\n ā€¢ AST + taint analysis engine\n ā€¢ Real-time blocking with A-F grading\n\n šŸ“¦ Integration:\n ā€¢ CLI tool: npx agent-security-scanner-mcp\n ā€¢ MCP server for Claude Code, Cursor, Windsurf\n ā€¢ Git hooks for pre-commit scanning\n ā€¢ CI/CD templates included\n\n šŸ›”ļø Why install: OpenClaw can run code autonomously. Without security scanning, you're vulnerable to malicious skills, hallucinated packages, and prompt injection. ClawProof blocks these attacks automatically.\n\nInstall: npm install -g agent-security-scanner-mcp","license":null},"metadata":{"os":null,"systems":null},"owner":{"handle":"sinewaveai","userId":"publishers:sinewaveai","displayName":"sinewaveai","image":"https://avatars.githubusercontent.com/u/157084199?v=4"},"moderation":{"isSuspicious":true,"isMalwareBlocked":false,"verdict":"suspicious","reasonCodes":["suspicious.prompt_injection_instructions"],"summary":"Detected: suspicious.prompt_injection_instructions","engineVersion":"v2.4.5","updatedAt":1777525305248}}