CrawSecure
by @diogopaesdev
Offline security scanner that detects unsafe code patterns in ClawHub skills before installation to help users assess potential risks locally.
clawhub install crawsecure📖 About This Skill
CrawSecure
CrawSecure is a documentation-first security skill for the ClawHub / OpenClaw ecosystem.
This skill does not include executable code or binaries. Its purpose is to clearly document, explain, and guide the safe usage of the CrawSecure CLI, which is distributed and installed separately by the user.
The goal of this skill is to promote security awareness, transparency, and best practices when working with third‑party skills.
🔍 What this skill provides
> ℹ️ This skill itself performs no scans and executes no code.
🧰 About the CrawSecure CLI
The CrawSecure CLI is an external, optional tool that users may install independently.
It performs local, offline static analysis of ClawHub / OpenClaw skills before installation or trust.
CLI distribution (external)
The CLI is not bundled with this skill.
🚨 Risk signals analyzed by the CLI
When used, the CrawSecure CLI may detect:
.env, .ssh, private keys)
Risk levels are classified as:
🔒 Security & trust boundaries
This skill:
Any actual scanning happens only if the user installs and runs the CrawSecure CLI from a trusted source.
✅ When to use this skill
📦 Version
v2.0.1 – Documentation‑only clarification release
This version clarifies scope and removes any ambiguity about bundled execution.