Back to Details

clawsec-clawhub-checker

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

ClawSec ClawHub Checker

ClawSec ClawHub 检查器

Enhances the ClawSec suite's guarded skill installer with ClawHub reputation checks. Adds a second layer of security by checking VirusTotal Code Insight scores and other reputation signals before allowing skill installation.
为ClawSec套件的受防护技能安装器添加ClawHub信誉检查功能。在允许技能安装前,通过检查VirusTotal Code Insight评分及其他信誉信号,增加第二层安全防护。

What It Does

功能介绍

  1. Wraps 
    clawhub install
     - Intercepts skill installation requests
  2. Checks VirusTotal reputation - Uses ClawHub's built-in VirusTotal Code Insight
  3. Adds double confirmation - For suspicious skills (reputation score below threshold)
  4. Integrates with advisory feed - Works alongside existing clawsec-suite advisories
  5. Provides detailed reports - Shows why a skill is flagged as suspicious
  1. 封装
    clawhub install
     - 拦截技能安装请求
  2. 检查VirusTotal信誉 - 利用ClawHub内置的VirusTotal Code Insight功能
  3. 双重确认机制 - 针对可疑技能(信誉评分低于阈值)触发
  4. 集成咨询源 - 与现有clawsec-suite咨询源协同工作
  5. 生成详细报告 - 展示技能被标记为可疑的原因

Installation

安装步骤

This skill must be installed after 
clawsec-suite
:
bash
undefined
该技能必须在安装
clawsec-suite
之后进行安装:
bash
undefined

First install the suite

首先安装套件

npx clawhub@latest install clawsec-suite
npx clawhub@latest install clawsec-suite

Then install the checker

然后安装检查器

npx clawhub@latest install clawsec-clawhub-checker
npx clawhub@latest install clawsec-clawhub-checker

Run the setup script to integrate with clawsec-suite

运行设置脚本以与clawsec-suite集成

node ~/.openclaw/skills/clawsec-clawhub-checker/scripts/setup_reputation_hook.mjs
node ~/.openclaw/skills/clawsec-clawhub-checker/scripts/setup_reputation_hook.mjs

Restart OpenClaw gateway for changes to take effect

重启OpenClaw网关使更改生效

openclaw gateway restart

After setup, the checker adds `enhanced_guarded_install.mjs` and
`guarded_skill_install_wrapper.mjs` under `clawsec-suite/scripts` and updates the advisory
guardian hook. The original `guarded_skill_install.mjs` is not replaced.
openclaw gateway restart

设置完成后,检查器会在`clawsec-suite/scripts`目录下添加`enhanced_guarded_install.mjs`和`guarded_skill_install_wrapper.mjs`,并更新咨询防护钩子。原始的`guarded_skill_install.mjs`不会被替换。

How It Works

工作原理

Enhanced Guarded Installer

增强型受防护安装器

After setup, run the wrapper (drop-in path) or the enhanced script directly:
bash
undefined
设置完成后,可运行封装脚本(兼容原有路径)或直接调用增强脚本:
bash
undefined

Recommended drop-in wrapper

推荐使用的兼容封装脚本

node scripts/guarded_skill_install_wrapper.mjs --skill some-skill --version 1.0.0
node scripts/guarded_skill_install_wrapper.mjs --skill some-skill --version 1.0.0

Or call the enhanced script directly

或直接调用增强脚本

node scripts/enhanced_guarded_install.mjs --skill some-skill --version 1.0.0

The enhanced flow:
1. **Advisory check** (existing) - Checks clawsec advisory feed
2. **Reputation check** (new) - Queries ClawHub for VirusTotal scores
3. **Risk assessment** - Combines advisory + reputation signals
4. **Double confirmation** - If risky, requires explicit `--confirm-reputation`
node scripts/enhanced_guarded_install.mjs --skill some-skill --version 1.0.0

增强流程:
1. **咨询源检查**(原有功能)- 检查clawsec咨询源
2. **信誉检查**(新增功能)- 向ClawHub查询VirusTotal评分
3. **风险评估** - 结合咨询源与信誉信号
4. **双重确认** - 若存在风险,需显式添加`--confirm-reputation`参数

Reputation Signals Checked

检查的信誉信号

  1. VirusTotal Code Insight - Malicious code patterns, external dependencies (Docker usage, network calls, eval usage, crypto keys)
  2. Skill age & updates - New skills vs established ones
  3. Author reputation - Other skills by same author
  4. Download statistics - Popularity signals
  1. VirusTotal Code Insight - 恶意代码模式、外部依赖(Docker使用、网络调用、eval用法、加密密钥)
  2. 技能时长与更新频率 - 新技能与已建立技能的对比
  3. 作者信誉 - 同一作者的其他技能情况
  4. 下载统计 - 流行度信号

Exit Codes

退出码

  • 0
    - Safe to install (no advisories, good reputation)
  • 42
    - Advisory match found (existing behavior)
  • 43
    - Reputation warning (new - requires 
    --confirm-reputation
    )
  • 1
    - Error
  • 0
    - 可安全安装(无咨询告警,信誉良好)
  • 42
    - 匹配到咨询告警(原有行为)
  • 43
    - 信誉警告(新增 - 需要
    --confirm-reputation
    参数)
  • 1
    - 执行错误

Configuration

配置

Environment variables:
  • CLAWHUB_REPUTATION_THRESHOLD
    - Minimum reputation score (0-100, default: 70)
环境变量:
  • CLAWHUB_REPUTATION_THRESHOLD
    - 最低信誉评分(0-100,默认值:70)

Integration with Existing Suite

与现有套件的集成

The checker enhances but doesn't replace existing security:
  • Advisory feed still primary - Known malicious skills blocked first
  • Reputation is secondary - Unknown/suspicious skills get extra scrutiny
  • Double confirmation preserved - Both layers require explicit user approval
检查器仅增强现有安全功能,不会替代:
  • 咨询源仍为核心 - 已知恶意技能会被优先拦截
  • 信誉检查为辅助 - 未知/可疑技能会受到额外审查
  • 保留双重确认 - 两层防护均需用户显式批准

Example Usage

使用示例

bash
undefined
bash
undefined

Try to install a skill

尝试安装某个技能

node scripts/guarded_skill_install_wrapper.mjs --skill suspicious-skill --version 1.0.0
node scripts/guarded_skill_install_wrapper.mjs --skill suspicious-skill --version 1.0.0

Output might show:

输出可能如下:

WARNING: Skill "suspicious-skill" has low reputation score (45/100)

警告:技能"suspicious-skill"信誉评分较低(45/100)

- Flagged by VirusTotal Code Insight: crypto keys, external APIs, eval usage

- 被VirusTotal Code Insight标记:存在加密密钥、外部API调用、eval用法

- Author has no other published skills

- 作者无其他已发布技能

- Skill is less than 7 days old

- 技能发布时长不足7天

To install despite reputation warning, run:

若忽略信誉警告继续安装,请运行:

node scripts/guarded_skill_install_wrapper.mjs --skill suspicious-skill --version 1.0.0 --confirm-reputation

node scripts/guarded_skill_install_wrapper.mjs --skill suspicious-skill --version 1.0.0 --confirm-reputation

Install with confirmation

携带确认参数安装

node scripts/guarded_skill_install_wrapper.mjs --skill suspicious-skill --version 1.0.0 --confirm-reputation
undefined
node scripts/guarded_skill_install_wrapper.mjs --skill suspicious-skill --version 1.0.0 --confirm-reputation
undefined

Safety Notes

安全注意事项

  • This is a defense-in-depth layer, not a replacement for advisory feeds
  • VirusTotal scores are heuristic, not definitive
  • False positives possible - Legitimate skills with novel patterns might be flagged
  • Always review skill code before installing with 
    --confirm-reputation
  • 这是纵深防御层,不能替代咨询源
  • VirusTotal评分为启发式结果,并非绝对准确
  • 可能存在误报 - 具有新颖模式的合法技能可能被标记
  • 使用
    --confirm-reputation
    安装前,务必审查技能代码

Current Limitations

当前限制

Missing OpenClaw Internal Check Data

缺少OpenClaw内部检查数据

ClawHub shows two security badges on skill pages:
  1. VirusTotal Code Insight - ✅ Our checker catches these flags
  2. OpenClaw internal check - ❌ Not exposed via API (only on website)
Example from 
clawsec-suite
page:
  • VirusTotal: "Benign" ✓
  • OpenClaw internal check: "The package is internally consistent with a feed-monitoring / advisory-guardian purpose, but a few operational details and optional bypasses deserve attention before installing."
Our checker cannot access OpenClaw internal check warnings as they're not exposed via 
clawhub
CLI or API.
ClawHub在技能页面显示两个安全标识:
  1. VirusTotal Code Insight - ✅ 本检查器可捕获这些标记
  2. OpenClaw内部检查 - ❌ 未通过API暴露(仅在网站可见)
clawsec-suite
页面为例:
  • VirusTotal:"良性" ✓
  • OpenClaw内部检查:"该软件包在功能上符合 feed监控/咨询防护的用途,但在安装前需注意部分操作细节及可选绕过机制。"
本检查器无法访问OpenClaw内部检查警告,因为它们未通过
clawhub
CLI或API暴露。

Recommendation for ClawHub

对ClawHub的建议

To enable complete reputation checking, ClawHub should expose internal check results via:
  • clawhub inspect --json
    endpoint
  • Additional API field for security tools
  • Or include in 
    clawhub install
    warning output
为实现完整的信誉检查,ClawHub应通过以下方式暴露内部检查结果:
  • clawhub inspect --json
    端点
  • 为安全工具添加额外API字段
  • 或在
    clawhub install
    的警告输出中包含相关信息

Workaround

临时解决方案

Our heuristic checks (skill age, author reputation, downloads, updates) provide similar risk assessment but miss specific operational warnings about bypasses, missing signatures, etc. Always check the ClawHub website for complete security assessment.
我们的启发式检查(技能时长、作者信誉、下载量、更新频率)可提供类似的风险评估,但会遗漏关于绕过机制、缺失签名等特定操作警告。请始终访问ClawHub官网查看完整的安全评估。

Development

开发说明

To modify the reputation checking logic, edit:
  • scripts/enhanced_guarded_install.mjs
    - Main enhanced installer
  • scripts/check_clawhub_reputation.mjs
    - Reputation checking logic
  • hooks/clawsec-advisory-guardian/lib/reputation.mjs
    - Hook integration
如需修改信誉检查逻辑,请编辑以下文件:
  • scripts/enhanced_guarded_install.mjs
    - 主增强安装器
  • scripts/check_clawhub_reputation.mjs
    - 信誉检查逻辑
  • hooks/clawsec-advisory-guardian/lib/reputation.mjs
    - 钩子集成代码

License

许可证

MIT - Part of the ClawSec security suite
MIT协议 - ClawSec安全套件的一部分