clawsec-scanner

Mostly purpose-aligned security tooling, not a clear credential-harvesting skill. Main risks come from executing untrusted hook code during DAST, event-driven autonomous scans, and recommended transitive installation via clawhub; overall suspicious/high-risk from an agent-safety standpoint but not confirmed malware.