clawsec-suite
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches advisory feeds, release metadata, and skill catalog indexes from vendor-controlled domains (clawsec.prompt.security) and GitHub. These network operations are performed through a secure HTTPS agent that enforces TLS 1.2+, uses modern cipher suites, and validates certificates. Domain allowlisting is implemented to prevent connections to unauthorized hosts.
- [COMMAND_EXECUTION]: Utilizes essential system utilities including
openssl,curl,jq,shasum, andunzipto perform integrity checks and manage skill packages. The use of these tools is strictly scoped to the suite's primary security functions, such as signature verification and archive extraction. - [REMOTE_CODE_EXECUTION]: Implements a guarded installation flow using
npx clawhub. This process is protected by a double-confirmation policy: the initial install request is treated as intent, and a second explicit confirmation is required if the target skill version matches any known security advisories. Integrity is further ensured by verifying detached signatures before any installation proceeds. - [SAFE]: The skill demonstrates high security maturity through the use of restricted file permissions (e.g.,
chmod 600for state files), isolated file I/O modules, and a comprehensive test suite covering fuzzing and regression. Persistence mechanisms, such as the OpenClaw hook and optional cron job, are clearly documented and require explicit user setup.
Audit Metadata