Yeeth Claw

v1.0.0

Supply chain security hooks for Claude Code. Intercepts npm, pip, yarn, pnpm, and cargo install commands before execution and checks each package for supply...


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for bkojusner/yeeth-claw.

Prompt preview: Install & Setup
Install the skill "Yeeth Claw" (bkojusner/yeeth-claw) from ClawHub.
Skill page: https://clawhub.ai/bkojusner/yeeth-claw
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install yeeth-claw

ClawHub CLI


npx clawhub@latest install yeeth-claw
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description align with the included files: hook.py intercepts Bash install commands, registry/typosquat/argus modules implement the described checks and optional escalation. The files and install script are consistent with a Claude Code PreToolUse hook.
Instruction Scope
SKILL.md instructs installing the hook under ~/.claude/hooks/openclaw and registering a PreToolUse hook that runs hook.py. At runtime the hook reads Claude's hook JSON from stdin, inspects Bash commands, queries public registries, and optionally posts blocked-package metadata to an Argus API if env vars are set — these behaviors are in-scope for a supply-chain hook but do involve network requests and (when enabled) external submission of package metadata.
Install Mechanism
No remote downloads or archive extraction in the installer; install.sh copies bundled files into ~/.claude/hooks/openclaw and optionally merges settings with jq. This is a local, transparent install step; user consent is required to run the script.
Credentials
The skill does not require environment variables by default. Two optional env vars (OPENCLAW_ARGUS_URL and OPENCLAW_ARGUS_KEY) enable escalation to an external Argus service; if set, the hook will send minimal package metadata (name, ecosystem, age, similarity, install-script flag). Requiring those env vars is proportional and optional, but enabling them transmits data to a third party and should be considered by the user.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or cross-skill privileges. install.sh writes into the user's Claude config directory (~/.claude) which is expected for a hook; it does not modify other skills beyond adding a PreToolUse hook entry (jq merge is optional).
Assessment
This skill appears to do what it claims: inspect package install commands, query public registries, and flag or block suspicious packages. Before installing: (1) inspect the included files yourself (they are bundled and local); (2) back up ~/.claude/settings.json before running the install script or allow the script to merge only with jq; (3) be aware the hook makes outbound requests to public package registries (npm, PyPI, crates.io) and — only if you set OPENCLAW_ARGUS_URL/OPENCLAW_ARGUS_KEY — will it submit blocked-package metadata to that external Argus endpoint. Only set the Argus variables if you trust the receiving service; otherwise leave them unset (the hook will still warn/block locally).

Like a lobster shell, security has layers — review code before you run it.

latest: vk97ay3p50f43wb66nbwvk8q0es84akpf
93 downloads
0 stars
1 version
Updated 3w ago
v1.0.0
MIT-0

yeeth-claw

Claude Code hooks for supply chain security. Intercepts package installation commands and flags suspicious packages before Claude executes them.

Hooks

OpenClaw

PreToolUse hook that watches npm install, pip install, yarn add, pnpm add, and cargo add commands. For each package it checks:

  1. Package age — packages published < 30 days ago are flagged; < 7 days triggers a block
  2. Typosquat detection — Levenshtein distance against ~100 high-value targets per ecosystem (npm, PyPI, crates.io)
  3. Install scripts — postinstall hooks on flagged packages are noted as an additional risk signal

Risk tiers:

Tier   | Condition                                    | Exit code
WARN   | Age < 30d or typosquat score ≥ 0.65          | 1 (non-blocking)
BLOCK  | Age < 7d and typosquat hit, or score ≥ 0.85  | 2 (blocks install)
ARGUS  | Any BLOCK + Argus API configured             | 2 + submits for full analysis
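As an added example that is not the project's hook.py, the following Python applies these tiers to a PreToolUse payload: it parses the install commands out of a Bash line, scores each package name against a constructed target list with Levenshtein distance, and maps age and score to the tier and exit code from the table. Registry lookups are replaced by a constructed age table so it runs offline, the `tool_input.command` field is assumed from Claude Code's hook JSON, and the install-script signal is left out.

```python
# Added example, not the project's hook.py: the README's tiers applied to a PreToolUse payload.
import json
import re
import shlex

TARGETS = {"npm": ["express", "lodash", "react"], "pypi": ["requests", "numpy"]}  # constructed; real hook has ~100 each
# Constructed stand-in for registry lookups: publish age in days. Unknown names count as brand new.
REGISTRY = {("npm", "express"): 4000, ("npm", "expres"): 3, ("pypi", "numpy"): 3000, ("pypi", "newlib"): 20}
INSTALLERS = {("npm", "install"): "npm", ("npm", "i"): "npm", ("yarn", "add"): "npm",
              ("pnpm", "add"): "npm", ("pip", "install"): "pypi", ("cargo", "add"): "crates"}

def levenshtein(a, b):
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def typosquat_score(name, ecosystem):
    """Similarity to the closest high-value target in [0, 1]; an exact target name scores 0."""
    targets = TARGETS.get(ecosystem, [])
    return 0.0 if name in targets else max(
        (1 - levenshtein(name, t) / max(len(name), len(t)) for t in targets), default=0.0)

def classify(ecosystem, name):
    """Return (tier, exit code) using the thresholds from the table above."""
    age_days = REGISTRY.get((ecosystem, name), 0)
    score = typosquat_score(name, ecosystem)
    hit = score >= 0.65
    if score >= 0.85 or (age_days < 7 and hit):
        return "BLOCK", 2
    if age_days < 30 or hit:
        return "WARN", 1
    return "ALLOW", 0

def packages_from_command(command):
    """Yield (ecosystem, package) for each install command in a shell line, version suffix stripped."""
    for segment in re.split(r"&&|\|\||;", command):
        argv = shlex.split(segment)
        if len(argv) > 2 and (argv[0], argv[1]) in INSTALLERS:
            for arg in (a for a in argv[2:] if not a.startswith("-")):
                yield INSTALLERS[(argv[0], argv[1])], arg[0] + re.split(r"[@=<>~!]", arg[1:])[0]

def evaluate_hook(payload):
    """Return (exit code, findings); a real hook would sys.exit() the code, and 2 blocks the tool."""
    data = json.loads(payload)  # tool_input.command is assumed from Claude Code's hook JSON
    if data.get("tool_name") != "Bash":
        return 0, []
    pkgs = packages_from_command(data.get("tool_input", {}).get("command", ""))
    findings = [(eco, pkg, *classify(eco, pkg)) for eco, pkg in pkgs]
    return max((f[3] for f in findings), default=0), findings
```

Wired as a hook, the script would read the payload from stdin, print the findings to stderr as the block message, and exit with the returned code.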

Installation

git clone https://github.com/yeeth-security/yeeth-claw.git
cd yeeth-claw/hooks/openclaw
bash install.sh

The install script copies the hook to ~/.claude/hooks/openclaw/ and merges the Claude Code settings if jq is available.

Restart Claude Code after installation for the hook to take effect.

Argus Integration

To enable full package analysis via the Argus API:

export OPENCLAW_ARGUS_URL=https://app.yeethsecurity.com
export OPENCLAW_ARGUS_KEY=<your-api-key>

When both are set, any BLOCK-tier package is submitted to Argus for full static analysis and the job URL is included in the block message.

Requirements

  • Python 3.8+
  • No third-party dependencies (stdlib only)

Claude Code settings snippet

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Bash",
        "hooks": [
          {
            "type": "command",
            "command": "python3 ~/.claude/hooks/openclaw/hook.py"
          }
        ]
      }
    ]
  }
}
