Stay informed about security risks when browsing ClawHub skills
Chrome extension provides inline security reports and trust scores while browsing ClawHub, enabling quick risk assessment without leaving the platform
SClawHub
SClawHub
Security scanner for OpenClaw AI agent skills
Overview
What it is
OpenClaw agents have full system access. One malicious skill could steal your data or API keys. SClawHub scans every skill for security issues and gives you a trust score (0-100) before you install. Free, transparent, open methodology.
Intent
I need it when
Audit third-party ClawHub skills for vulnerabilities and suspicious network behavior
The scanner uses Semgrep and Claude AI to detect malware, credential theft, network calls, and code execution risks, generating detailed security reports for each scanned skill
Contribute to or customize security scanning for internal skill validation
100% open-source MIT-licensed codebase allows users to audit the scanner logic, contribute improvements, or fork for private deployment within their organization
Verify security of ClawHub skills before using them in production
SClawHub provides automated malware detection, credential theft analysis, and code execution risk assessment with a 0-100 trust score for any ClawHub skill by simply changing the domain from clawhub.ai to sclawhub.com
Drop
Not a fit when
- User needs security scanning for skills outside the ClawHub/OpenClaw ecosystem
- User requires commercial support or SLA guarantees
- User needs real-time threat monitoring or continuous scanning beyond manual skill URL checks
- User operates in an environment where open-source software is not permitted
- User needs scanning for proprietary or closed-source skill platforms other than ClawHub
Commercials
Pricing
Free and open source with no paid tiers