Crabukit
Review
Audited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (ignore-previous-instructions); human review is required before treating this skill as clean.
This looks reasonable for a security scanner. Before installing, verify the package source, review any scan results before using the install command, and only add the shell wrapper to your shell config if you are comfortable with it loading in future sessions. ClawScan detected prompt-injection indicators (ignore-previous-instructions), so this skill requires review even though the model response was benign.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the scanner misses a risky skill, the install command may still add that skill to the user's agent environment.
The documented CLI can install another skill after scanning it. This is central to the stated purpose and user-directed, but it can still mutate the user's OpenClaw environment.
    # 🔒 Safely install a skill (downloads, scans, installs if safe)
    crabukit install youtube-summarize
Use the install command only for a specific skill you intended to install, and review scan output first for untrusted sources.
Skill names, metadata, or other lookup information may be sent to or processed by Clawdex when that integration is present.
The skill discloses automatic use of an external Clawdex database/scanner when available. That integration is purpose-aligned, but the exact lookup data is not fully described in the provided text.
Crabukit **automatically integrates with Clawdex** if installed:
    # Now crabukit will:
    # 1. Check Clawdex database
If scanning private or sensitive skills, confirm what Clawdex receives or disable the integration if external lookup is not acceptable.
Users have less registry-level provenance information for verifying the package they are installing.
The registry metadata does not provide source or homepage provenance, even though the skill is a code package and the documentation references external installation sources.
Source: unknown
Homepage: none
Install from a trusted package source or the documented GitHub/PyPI project, and verify the source before using it in sensitive environments.
Future shells will load the wrapper script, so changes to that file could affect later skill installation commands.
The optional wrapper setup persists shell code in future terminal sessions. It is explicit and user-directed, but it changes startup behavior.
    cp scripts/claw-safe-install.sh ~/.claw-safe-install.sh
    # Add to your shell config
    echo "source ~/.claw-safe-install.sh" >> ~/.zshrc
Review the wrapper before sourcing it, keep the copied file under your control, and remove the .zshrc line if you no longer want the behavior.
