Clawdbot Security Suite
Alert level: High
Runtime security toolkit for validating commands, URLs, content, and threat patterns.
Locality:Local
Data access:Sensitive
Actions:Execute
Installs 6Downloads 1004Stars 7Updated 10h ago
Why this rating
Deterministic checks triggered by the tool capabilities and evidence.
- Locality: Local
It runs local `security.sh` commands to validate command strings, URL targets, paths, and content before other tools execute.
- Data access: Sensitive
It scans command strings, possible API keys, and potentially unsafe user-provided payloads.
- Action surface: Execute
It is invoked directly before command execution and can update detection patterns/events.
Best practices
Follow these steps to reduce risk when using this skill.
- Block execution by default when validation output is uncertain or degraded.
- Store security event logs in access-controlled locations and rotate them regularly.
- Pin and review threat-pattern updates before enabling them in production workflows.
Evidence links
Public sources backing the indicator assignments.
ClawHubClawdbot Security Suite RepositoryOWASP SSRF Prevention Cheat SheetOWASP Injection Prevention Cheat Sheet
Always be careful when navigating away from the website.
Max-risk rule
If any capability reaches a higher level, the entire indicator level bumps up to keep ratings deterministic and easy to scan.