Clawdhub
Suspicious
Audited by ClawScan on May 1, 2026.
Overview
This skill is a review item because it can install, update, and publish agent skills, including a force update of all installed skills without prompts.
Install this only if you trust the clawdhub npm package and ClawdHub registry. Before using it, set a rule that the agent must ask before installing, updating, force-updating, updating all skills, or publishing. Prefer pinned versions, avoid no-input force updates unless you explicitly requested them, and review any skill before installing or publishing it.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or overbroad invocation could change many installed agent skills and alter future agent behavior without an interactive prompt.
The skill grants the agent broad authority to mutate installed skills, including a no-prompt forced bulk update path, without instructions requiring explicit user confirmation, review, pinning, backup, or rollback.
Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, or publish new/updated skill folders... clawdhub update --all --no-input --force
Require explicit user approval before install, update, update --all, force/no-input, or publish operations; prefer pinned versions; avoid --all --force --no-input unless the user specifically requests it.
Using the skill means trusting the npm package, the selected registry, and the skills retrieved from it.
The skill depends on an unpinned globally installed npm CLI and an external registry that can install or update skills, often to latest by default. This is disclosed and central to the skill, but it is a supply-chain trust point.
npm i -g clawdhub ... Default registry: https://clawdhub.com (override with CLAWDHUB_REGISTRY or --registry) ... upgrades to latest unless --version is set
Install the CLI only from a trusted source, pin versions when possible, review skill metadata before installing, and be cautious with registry overrides.
If used with the wrong account or excessive permissions, the skill could publish or modify registry content under that account.
Publishing requires an authenticated ClawdHub account/session. This is expected for publishing, but it gives the CLI delegated account authority.
Auth (publish) clawdhub login clawdhub whoami ... clawdhub publish ./my-skill --slug my-skill --name "My Skill" --version 1.2.0
Use a dedicated or least-privileged ClawdHub account for publishing, confirm the target slug/version before publishing, and log out or rotate credentials if access is no longer needed.
