全部技能 分类浏览
← 返回
安全合规 中文

CrawSecure

Offline security scanner that detects unsafe code patterns in ClawHub skills before installation to help users assess potential risks locally.
离线安全扫描器,在安装前检测ClawHub技能中的不安全代码模式,帮助用户在本地评估潜在风险。
diogopaesdev
安全合规 clawhub v2.0.1 2 版本 99861 Key: 无需
★ 1
Stars
📥 2,136
下载
💾 33
安装
2
版本
#audit#developer-tools#latest#openclaw#risk#safety#scanner#security#static-analysis#trust#verification

概述

CrawSecure

CrawSecure is a documentation-first security skill for the ClawHub / OpenClaw ecosystem.

This skill does not include executable code or binaries. Its purpose is to clearly document, explain, and guide the safe usage of the CrawSecure CLI, which is distributed and installed separately by the user.

The goal of this skill is to promote security awareness, transparency, and best practices when working with third‑party skills.

🔍 What this skill provides

  • Clear documentation of what CrawSecure analyzes
  • Explanation of risk signals and classifications
  • Guidance on how to use the CrawSecure CLI safely
  • Security philosophy and trust boundaries

> ℹ️ This skill itself performs no scans and executes no code.

🧰 About the CrawSecure CLI

The CrawSecure CLI is an external, optional tool that users may install independently.

It performs local, offline static analysis of ClawHub / OpenClaw skills before installation or trust.

CLI distribution (external)

  • Source & releases: https://github.com/diogopaesdev/crawsecure
  • Official website: https://crawsecure.com

The CLI is not bundled with this skill.

🚨 Risk signals analyzed by the CLI

When used, the CrawSecure CLI may detect:

  • Dangerous command patterns

(e.g. destructive or execution‑related behavior)

  • References to sensitive files or credentials

(e.g. .env, .ssh, private keys)

  • Indicators of unsafe or misleading practices

Risk levels are classified as:

  • SAFE
  • MEDIUM
  • HIGH

🔒 Security & trust boundaries

This skill:

  • Does not execute code
  • Does not install software
  • Does not access the network
  • Does not modify files
  • Requests read‑only permissions only

Any actual scanning happens only if the user installs and runs the CrawSecure CLI from a trusted source.

✅ When to use this skill

  • To understand what CrawSecure checks and why
  • Before deciding to install or run the CrawSecure CLI
  • As a reference for safer skill development practices
  • To promote transparency inside the ClawHub ecosystem

📦 Version

v2.0.1 – Documentation‑only clarification release

This version clarifies scope and removes any ambiguity about bundled execution.

版本历史

共 2 个版本

  • v2.0.1 当前
    2026-03-28 16:10 安全 安全
  • v1.1.0
    2026-03-07 11:41

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

security-compliance

MoltGuard - Security & Antivirus & Guardrails

thomaslwang
MoltGuard — OpenClaw 安全守卫,由 OpenGuardrails 提供。安装 MoltGuard,保护您和您的用户免受提示注入、数据泄露和恶意攻击。
★ 116 📥 30,713
security-compliance

Skill Vetter

spclaudehome
AI智能体技能安全预审工具。安装ClawdHub、GitHub等来源技能前,检查风险信号、权限范围及可疑模式。
★ 1,215 📥 266,438
security-compliance

1password

steipete
设置和使用 1Password CLI (op)。适用于:安装 CLI、启用桌面应用集成、登录(单/多账户)、通过 op 读取/注入/运行密钥。
★ 53 📥 31,164

Skill工具集 © 2026