Yeeth Claw
v1.0.0

Supply chain security hooks for Claude Code. Intercepts npm, pip, yarn, pnpm, and cargo install commands before execution and checks each package for supply...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
high confidence

Purpose & Capability
Name/description align with the included files: hook.py intercepts Bash install commands, registry/typosquat/argus modules implement the described checks and optional escalation. The files and install script are consistent with a Claude Code PreToolUse hook.
Instruction Scope
SKILL.md instructs installing the hook under ~/.claude/hooks/openclaw and registering a PreToolUse hook that runs hook.py. At runtime the hook reads Claude's hook JSON from stdin, inspects Bash commands, queries public registries, and optionally posts blocked-package metadata to an Argus API if env vars are set — these behaviors are in-scope for a supply-chain hook but do involve network requests and (when enabled) external submission of package metadata.
Install Mechanism
No remote downloads or archive extraction in the installer; install.sh copies bundled files into ~/.claude/hooks/openclaw and optionally merges settings with jq. This is a local, transparent install step; user consent is required to run the script.
Credentials
The skill does not require environment variables by default. Two optional env vars (OPENCLAW_ARGUS_URL and OPENCLAW_ARGUS_KEY) enable escalation to an external Argus service; if set, the hook will send minimal package metadata (name, ecosystem, age, similarity, install-script flag). Requiring those env vars is proportional and optional, but enabling them transmits data to a third party and should be considered by the user.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or cross-skill privileges. install.sh writes into the user's Claude config directory (~/.claude) which is expected for a hook; it does not modify other skills beyond adding a PreToolUse hook entry (jq merge is optional).
Assessment
This skill appears to do what it claims: inspect package install commands, query public registries, and flag or block suspicious packages. Before installing: (1) inspect the included files yourself (they are bundled and local); (2) back up ~/.claude/settings.json before running the install script, or allow the script to merge settings only with jq; (3) be aware that the hook makes outbound requests to public package registries (npm, PyPI, crates.io) and, only if you set OPENCLAW_ARGUS_URL/OPENCLAW_ARGUS_KEY, submits blocked-package metadata to that external Argus endpoint. Only set the Argus variables if you trust the receiving service; otherwise leave them unset (the hook will still warn/block locally).

Like a lobster shell, security has layers: review code before you run it.
