clawsec-suite
PassAudited by ClawScan on May 16, 2026.
Overview
The skill is a disclosed security-monitoring and suite-management tool, but it adds persistent OpenClaw automation and depends on remote signed feeds/catalogs that users should review before enabling.
Install this only if you want a persistent OpenClaw security monitor and suite manager. Review the setup steps before enabling the hook or cron, keep signed-feed verification on, avoid the unsigned-feed bypass, and require explicit confirmation before any skill install or removal action.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
After setup, the suite may keep checking advisories on OpenClaw events or on a schedule.
This shows the skill can add persistent automation to the user's OpenClaw environment, including an optional scheduled job.
setup scripts install an advisory hook under `~/.openclaw/hooks`, optionally create an unattended `openclaw cron` job
Enable the hook or cron only if you want ongoing monitoring, and review/remove the hook or cron if you no longer need it.
The set of recommended/installable add-on skills can change based on remote catalog metadata.
The add-on skill catalog is retrieved dynamically from a remote index, so catalog integrity and publisher control matter.
Discover the current catalog from the authoritative index (`https://clawsec.prompt.security/skills/index.json`) at runtime
Use the documented verification paths, review catalog output before installing add-ons, and install only from sources you trust.
If enabled, advisory content may be accepted without the normal signature/checksum protections.
The hook includes an explicit emergency bypass for feed verification, although it is not the default and is documented as temporary.
`CLAWSEC_ALLOW_UNSIGNED_FEED`: set to `1` only for temporary migration compatibility; bypasses signature/checksum verification.
Leave unsigned-feed mode disabled except for a short, deliberate troubleshooting window.
The agent may ask you to approve installing, blocking, disabling, or removing skills based on advisory checks.
The suite influences skill installation/removal decisions, which is high-impact agent-environment management, but the artifact says overrides require approval.
the suite can recommend removal or block risky installs, but removal/install overrides stay approval-gated
Treat any install/remove prompt as a security-sensitive action and confirm only after reading the advisory context.
Advisory text can affect what the agent recommends, such as asking you to approve removal of an affected skill.
The hook can inject advisory-derived alert text into OpenClaw messages on monitored events, so the advisory feed influences agent/user guidance.
event.messages.push(buildAlertMessage(unseenMatches, installRoot));
Keep signature verification enabled and review advisory messages as security guidance rather than blindly following them.