Offline security scanner for ClawHub skills — detect unsafe patterns before installation.

CrawSecure

CrawSecure is an offline security analysis skill designed to help users evaluate potential risks in ClawHub / OpenClaw skills before installing or trusting them.

It promotes safer usage, transparency, and awareness when working with third-party skills.

🚨 Risk Signals Analyzed

• Dangerous command patterns (e.g. destructive or execution-related behavior)
• References to sensitive files or credentials
• Indicators of unsafe or risky practices

🔒 Security Philosophy

• Read-only analysis
• No network access
• No code execution
• No file modifications

CrawSecure exists to increase trust inside the ClawHub ecosystem.

⚙️ Execution Model

CrawSecure does NOT execute or install any third-party code.

This skill provides a local CLI tool that users run manually.

Using npx (recommended)

npx crawsecure ./path-to-skill