{ "schemaVersion": "1.0", "item": { "slug": "crawsecure", "name": "CrawSecure", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/diogopaesdev/crawsecure", "canonicalUrl": "https://clawhub.ai/diogopaesdev/crawsecure", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/crawsecure", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=crawsecure", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md", "DESCRIPTION.txt" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/crawsecure" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/crawsecure", "agentPageUrl": "https://openagent3.xyz/skills/crawsecure/agent", "manifestUrl": "https://openagent3.xyz/skills/crawsecure/agent.json", "briefUrl": "https://openagent3.xyz/skills/crawsecure/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "CrawSecure", "body": "CrawSecure is a documentation-first security skill for the ClawHub / OpenClaw ecosystem.\n\nThis skill does not include executable code or binaries. Its purpose is to clearly document, explain, and guide the safe usage of the CrawSecure CLI, which is distributed and installed separately by the user.\n\nThe goal of this skill is to promote security awareness, transparency, and best practices when working with third‑party skills." }, { "title": "🔍 What this skill provides", "body": "Clear documentation of what CrawSecure analyzes\nExplanation of risk signals and classifications\nGuidance on how to use the CrawSecure CLI safely\nSecurity philosophy and trust boundaries\n\nℹ️ This skill itself performs no scans and executes no code." }, { "title": "🧰 About the CrawSecure CLI", "body": "The CrawSecure CLI is an external, optional tool that users may install independently.\n\nIt performs local, offline static analysis of ClawHub / OpenClaw skills before installation or trust." }, { "title": "CLI distribution (external)", "body": "Source & releases: https://github.com/diogopaesdev/crawsecure\nOfficial website: https://crawsecure.com\n\nThe CLI is not bundled with this skill." }, { "title": "🚨 Risk signals analyzed by the CLI", "body": "When used, the CrawSecure CLI may detect:\n\nDangerous command patterns\n(e.g. destructive or execution‑related behavior)\nReferences to sensitive files or credentials\n(e.g. .env, .ssh, private keys)\nIndicators of unsafe or misleading practices\n\nRisk levels are classified as:\n\nSAFE\nMEDIUM\nHIGH" }, { "title": "🔒 Security & trust boundaries", "body": "This skill:\n\nDoes not execute code\nDoes not install software\nDoes not access the network\nDoes not modify files\nRequests read‑only permissions only\n\nAny actual scanning happens only if the user installs and runs the CrawSecure CLI from a trusted source." }, { "title": "✅ When to use this skill", "body": "To understand what CrawSecure checks and why\nBefore deciding to install or run the CrawSecure CLI\nAs a reference for safer skill development practices\nTo promote transparency inside the ClawHub ecosystem" }, { "title": "📦 Version", "body": "v2.0.1 – Documentation‑only clarification release\n\nThis version clarifies scope and removes any ambiguity about bundled execution." } ], "body": "CrawSecure\n\nCrawSecure is a documentation-first security skill for the ClawHub / OpenClaw ecosystem.\n\nThis skill does not include executable code or binaries. Its purpose is to clearly document, explain, and guide the safe usage of the CrawSecure CLI, which is distributed and installed separately by the user.\n\nThe goal of this skill is to promote security awareness, transparency, and best practices when working with third‑party skills.\n\n🔍 What this skill provides\nClear documentation of what CrawSecure analyzes\nExplanation of risk signals and classifications\nGuidance on how to use the CrawSecure CLI safely\nSecurity philosophy and trust boundaries\n\nℹ️ This skill itself performs no scans and executes no code.\n\n🧰 About the CrawSecure CLI\n\nThe CrawSecure CLI is an external, optional tool that users may install independently.\n\nIt performs local, offline static analysis of ClawHub / OpenClaw skills before installation or trust.\n\nCLI distribution (external)\nSource & releases: https://github.com/diogopaesdev/crawsecure\nOfficial website: https://crawsecure.com\n\nThe CLI is not bundled with this skill.\n\n🚨 Risk signals analyzed by the CLI\n\nWhen used, the CrawSecure CLI may detect:\n\nDangerous command patterns\n(e.g. destructive or execution‑related behavior)\nReferences to sensitive files or credentials\n(e.g. .env, .ssh, private keys)\nIndicators of unsafe or misleading practices\n\nRisk levels are classified as:\n\nSAFE\nMEDIUM\nHIGH\n🔒 Security & trust boundaries\n\nThis skill:\n\nDoes not execute code\nDoes not install software\nDoes not access the network\nDoes not modify files\nRequests read‑only permissions only\n\nAny actual scanning happens only if the user installs and runs the CrawSecure CLI from a trusted source.\n\n✅ When to use this skill\nTo understand what CrawSecure checks and why\nBefore deciding to install or run the CrawSecure CLI\nAs a reference for safer skill development practices\nTo promote transparency inside the ClawHub ecosystem\n📦 Version\n\nv2.0.1 – Documentation‑only clarification release\n\nThis version clarifies scope and removes any ambiguity about bundled execution." }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/diogopaesdev/crawsecure", "publisherUrl": "https://clawhub.ai/diogopaesdev/crawsecure", "owner": "diogopaesdev", "version": "2.0.1", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/crawsecure", "downloadUrl": "https://openagent3.xyz/downloads/crawsecure", "agentUrl": "https://openagent3.xyz/skills/crawsecure/agent", "manifestUrl": "https://openagent3.xyz/skills/crawsecure/agent.json", "briefUrl": "https://openagent3.xyz/skills/crawsecure/agent.md" } }