mit einem Klick
clawscan
clawscan enthält 4 gesammelte Skills von openclaw, mit Repository-Berufsabdeckung und Skill-Detailseiten auf SkillsMP.
Skills in diesem Repository
Use when running or explaining the ClawScan CLI, including one-off agent-skill scans, benchmark runs, scanner fixtures, judge harness commands, env var validation, and interpreting clawscan-run-v1 and clawscan-benchmark-v1 artifacts.
Pre-commit/ship bundle-only code review: Codex default; optional Claude, Pi, or Droid.
Use when a researcher, maintainer, or contributor found or suspects a malicious skill on ClawHub and needs a private reporting workflow: opening a GitHub private vulnerability report, preparing a proposal-only PR, creating `proposals/<GHSA-ID>/clawscan.yml`, running ClawScan against the malicious skill, and explaining what evidence belongs in private versus public channels.
Use when an OpenClaw maintainer or owner is reviewing a ClawHub malicious-skill profile proposal PR: checking `proposals/<GHSA-ID>/clawscan.yml`, reading the private vulnerability context without leaking it, running the SkillTrustBench Profile Gate or equivalent local benchmark, updating the accepted baseline, and promoting an accepted candidate into `internal/profiles/clawhub/clawscan.yml`.