{ "schemaVersion": "1.0", "item": { "slug": "pincer", "name": "Pincer", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/panzacoder/pincer", "canonicalUrl": "https://clawhub.ai/panzacoder/pincer", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/pincer", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=pincer", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "README.md", "SKILL.md", "_meta.json", "scripts/pincer.sh" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/pincer" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/pincer", "agentPageUrl": "https://openagent3.xyz/skills/pincer/agent", "manifestUrl": "https://openagent3.xyz/skills/pincer/agent.json", "briefUrl": "https://openagent3.xyz/skills/pincer/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "pincer 🛡️", "body": "Security-first wrapper for clawhub install. Scans skills for malware, prompt injection, and suspicious patterns before installation." }, { "title": "Why?", "body": "Agent skills are powerful — they're basically executable documentation. The ClawHub ecosystem has already seen malware campaigns distributing infostealers via innocent-looking skills. pincer adds a security layer before you install anything." }, { "title": "Install", "body": "# From ClawHub\nclawhub install pincer\n\n# Or manually\nchmod +x ./scripts/pincer.sh\nln -sf \"$(pwd)/scripts/pincer.sh\" ~/.local/bin/pincer\n\nDependencies:\n\nclawhub — for fetching skills\nuvx — for mcp-scan (brew install uv)\njq — for JSON parsing" }, { "title": "Safe Install", "body": "# Instead of: clawhub install some-skill\npincer install some-skill\n\n# With specific version\npincer install some-skill@1.2.0" }, { "title": "Scan Without Installing", "body": "# Scan a ClawHub skill\npincer scan some-skill\n\n# Scan a local directory\npincer scan ./path/to/skill\n\n# JSON output for automation\npincer scan some-skill --json" }, { "title": "Audit Installed Skills", "body": "# Quick-scan all installed skills\npincer audit\n\n# JSON output\npincer audit --json" }, { "title": "Manage Trust", "body": "# Add trusted publisher (auto-approve clean skills)\npincer trust add steipete\n\n# Remove from trusted\npincer trust remove old-publisher\n\n# Block a publisher or skill\npincer trust block suspicious-dev\npincer trust block malware-skill\n\n# Unblock\npincer trust unblock redeemed-dev\n\n# List all trust settings\npincer trust list" }, { "title": "View History", "body": "# See what you've installed\npincer history\n\n# JSON output\npincer history --json" }, { "title": "Configuration", "body": "# Show current config\npincer config show\n\n# Edit in $EDITOR\npincer config edit\n\n# Reset to defaults\npincer config reset" }, { "title": "Via mcp-scan (Invariant Labs)", "body": "Prompt injection attacks\nMalware payloads in natural language\nTool poisoning\nSensitive data exposure\nHard-coded secrets" }, { "title": "Additional Pattern Detection", "body": "PatternRiskDescriptionBase64 commands🚨 HighEncoded shell commandsHex payloads🚨 HighObfuscated binary dataxattr -d quarantine🚨 HighmacOS Gatekeeper bypasscurl | sh🚨 HighPipe to shell executionPassword archives🚨 HighHidden malicious payloadsDownload + execute⚠️ Mediumchmod +x && ./ patternseval $var⚠️ MediumDynamic code executionHidden files⚠️ MediumDot-file creationPersistence⚠️ Mediumcron/launchd entries" }, { "title": "Publisher & Provenance", "body": "Publisher reputation (trusted list)\nDownload count threshold\nSkill age threshold\nBlocklist checking" }, { "title": "Binary Detection", "body": "Scans for bundled executables\nFlags Mach-O, ELF, PE32 binaries" }, { "title": "Risk Levels", "body": "LevelMeaningAction✅ CLEANNo issuesAuto-approve if trusted publisher⚠️ CAUTIONWarnings presentPrompt for approval🚨 DANGERSuspicious patternsBlock (override with --force)☠️ MALWAREKnown maliciousBlock (cannot override)⛔ BLOCKEDOn blocklistBlock (cannot override)" }, { "title": "Configuration", "body": "Config: ~/.config/pincer/config.json\n\n{\n \"trustedPublishers\": [\"openclaw\", \"steipete\", \"invariantlabs-ai\"],\n \"blockedPublishers\": [],\n \"blockedSkills\": [],\n \"autoApprove\": \"clean\",\n \"logInstalls\": true,\n \"minDownloads\": 0,\n \"minAgeDays\": 0\n}\n\nKeyDescriptiontrustedPublishersPublishers whose clean skills auto-approveblockedPublishersAlways block these publishersblockedSkillsAlways block these specific skillsautoApprove\"clean\" = auto-approve clean+trusted, \"never\" = always promptlogInstallsLog installations to history fileminDownloadsWarn if skill has fewer downloadsminAgeDaysWarn if skill is newer than N days" }, { "title": "Clean Install", "body": "$ pincer install bird\n🛡️ pincer v1.0.0\n\n → Fetching bird from ClawHub...\n Publisher: steipete (trusted)\n Stats: 7363 downloads · 27 ★ · created 1 month ago\n\n🛡️ pincer Scanning bird...\n\n → Running mcp-scan...\n ✅ mcp-scan: passed\n → Checking for suspicious patterns...\n ✅ Pattern check: passed\n → Checking external URLs...\n ✅ URL check: passed\n → Checking for bundled binaries...\n ✅ Binary check: passed\n\nRisk Assessment:\n ✅ CLEAN — No issues detected\n\n → Auto-approved (clean + trusted config).\n → Installing bird...\n ✅ Installed successfully!" }, { "title": "Dangerous Skill Blocked", "body": "$ pincer install sketchy-tool\n🛡️ pincer v1.0.0\n\n → Fetching sketchy-tool from ClawHub...\n Publisher: newaccount (unknown)\n Stats: 12 downloads · 0 ★ · created 2 days ago\n\n🛡️ pincer Scanning sketchy-tool...\n\n → Running mcp-scan...\n 🚨 mcp-scan: high-risk warnings\n → Checking for suspicious patterns...\n 🚨 Pattern check: suspicious patterns found\n • curl/wget piped to shell\n • macOS quarantine removal (xattr)\n → Checking external URLs...\n ⚠️ URL check: external URLs found\n • http://sketchy-domain.xyz/install\n → Checking for bundled binaries...\n ✅ Binary check: passed\n\nRisk Assessment:\n 🚨 DANGER — Suspicious patterns detected\n • mcp-scan: high-risk patterns detected\n • curl/wget piped to shell\n • macOS quarantine removal (xattr)\n\n ☠️ Install blocked. Use --force to override (not recommended)." }, { "title": "Credits", "body": "mcp-scan by Invariant Labs — core security scanning\n1Password Security Research — threat analysis that inspired this tool\nSnyk ToxicSkills Report — ecosystem threat research" }, { "title": "License", "body": "MIT\n\nStay safe out there. 🛡️" } ], "body": "pincer 🛡️\n\nSecurity-first wrapper for clawhub install. Scans skills for malware, prompt injection, and suspicious patterns before installation.\n\nWhy?\n\nAgent skills are powerful — they're basically executable documentation. The ClawHub ecosystem has already seen malware campaigns distributing infostealers via innocent-looking skills. pincer adds a security layer before you install anything.\n\nInstall\n# From ClawHub\nclawhub install pincer\n\n# Or manually\nchmod +x ./scripts/pincer.sh\nln -sf \"$(pwd)/scripts/pincer.sh\" ~/.local/bin/pincer\n\n\nDependencies:\n\nclawhub — for fetching skills\nuvx — for mcp-scan (brew install uv)\njq — for JSON parsing\nUsage\nSafe Install\n# Instead of: clawhub install some-skill\npincer install some-skill\n\n# With specific version\npincer install some-skill@1.2.0\n\nScan Without Installing\n# Scan a ClawHub skill\npincer scan some-skill\n\n# Scan a local directory\npincer scan ./path/to/skill\n\n# JSON output for automation\npincer scan some-skill --json\n\nAudit Installed Skills\n# Quick-scan all installed skills\npincer audit\n\n# JSON output\npincer audit --json\n\nManage Trust\n# Add trusted publisher (auto-approve clean skills)\npincer trust add steipete\n\n# Remove from trusted\npincer trust remove old-publisher\n\n# Block a publisher or skill\npincer trust block suspicious-dev\npincer trust block malware-skill\n\n# Unblock\npincer trust unblock redeemed-dev\n\n# List all trust settings\npincer trust list\n\nView History\n# See what you've installed\npincer history\n\n# JSON output\npincer history --json\n\nConfiguration\n# Show current config\npincer config show\n\n# Edit in $EDITOR\npincer config edit\n\n# Reset to defaults\npincer config reset\n\nWhat It Checks\nVia mcp-scan (Invariant Labs)\nPrompt injection attacks\nMalware payloads in natural language\nTool poisoning\nSensitive data exposure\nHard-coded secrets\nAdditional Pattern Detection\nPattern\tRisk\tDescription\nBase64 commands\t🚨 High\tEncoded shell commands\nHex payloads\t🚨 High\tObfuscated binary data\nxattr -d quarantine\t🚨 High\tmacOS Gatekeeper bypass\ncurl | sh\t🚨 High\tPipe to shell execution\nPassword archives\t🚨 High\tHidden malicious payloads\nDownload + execute\t⚠️ Medium\tchmod +x && ./ patterns\neval $var\t⚠️ Medium\tDynamic code execution\nHidden files\t⚠️ Medium\tDot-file creation\nPersistence\t⚠️ Medium\tcron/launchd entries\nPublisher & Provenance\nPublisher reputation (trusted list)\nDownload count threshold\nSkill age threshold\nBlocklist checking\nBinary Detection\nScans for bundled executables\nFlags Mach-O, ELF, PE32 binaries\nRisk Levels\nLevel\tMeaning\tAction\n✅ CLEAN\tNo issues\tAuto-approve if trusted publisher\n⚠️ CAUTION\tWarnings present\tPrompt for approval\n🚨 DANGER\tSuspicious patterns\tBlock (override with --force)\n☠️ MALWARE\tKnown malicious\tBlock (cannot override)\n⛔ BLOCKED\tOn blocklist\tBlock (cannot override)\nConfiguration\n\nConfig: ~/.config/pincer/config.json\n\n{\n \"trustedPublishers\": [\"openclaw\", \"steipete\", \"invariantlabs-ai\"],\n \"blockedPublishers\": [],\n \"blockedSkills\": [],\n \"autoApprove\": \"clean\",\n \"logInstalls\": true,\n \"minDownloads\": 0,\n \"minAgeDays\": 0\n}\n\nKey\tDescription\ntrustedPublishers\tPublishers whose clean skills auto-approve\nblockedPublishers\tAlways block these publishers\nblockedSkills\tAlways block these specific skills\nautoApprove\t\"clean\" = auto-approve clean+trusted, \"never\" = always prompt\nlogInstalls\tLog installations to history file\nminDownloads\tWarn if skill has fewer downloads\nminAgeDays\tWarn if skill is newer than N days\nExamples\nClean Install\n$ pincer install bird\n🛡️ pincer v1.0.0\n\n → Fetching bird from ClawHub...\n Publisher: steipete (trusted)\n Stats: 7363 downloads · 27 ★ · created 1 month ago\n\n🛡️ pincer Scanning bird...\n\n → Running mcp-scan...\n ✅ mcp-scan: passed\n → Checking for suspicious patterns...\n ✅ Pattern check: passed\n → Checking external URLs...\n ✅ URL check: passed\n → Checking for bundled binaries...\n ✅ Binary check: passed\n\nRisk Assessment:\n ✅ CLEAN — No issues detected\n\n → Auto-approved (clean + trusted config).\n → Installing bird...\n ✅ Installed successfully!\n\nDangerous Skill Blocked\n$ pincer install sketchy-tool\n🛡️ pincer v1.0.0\n\n → Fetching sketchy-tool from ClawHub...\n Publisher: newaccount (unknown)\n Stats: 12 downloads · 0 ★ · created 2 days ago\n\n🛡️ pincer Scanning sketchy-tool...\n\n → Running mcp-scan...\n 🚨 mcp-scan: high-risk warnings\n → Checking for suspicious patterns...\n 🚨 Pattern check: suspicious patterns found\n • curl/wget piped to shell\n • macOS quarantine removal (xattr)\n → Checking external URLs...\n ⚠️ URL check: external URLs found\n • http://sketchy-domain.xyz/install\n → Checking for bundled binaries...\n ✅ Binary check: passed\n\nRisk Assessment:\n 🚨 DANGER — Suspicious patterns detected\n • mcp-scan: high-risk patterns detected\n • curl/wget piped to shell\n • macOS quarantine removal (xattr)\n\n ☠️ Install blocked. Use --force to override (not recommended).\n\nCredits\nmcp-scan by Invariant Labs — core security scanning\n1Password Security Research — threat analysis that inspired this tool\nSnyk ToxicSkills Report — ecosystem threat research\nLicense\n\nMIT\n\nStay safe out there. 🛡️" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/panzacoder/pincer", "publisherUrl": "https://clawhub.ai/panzacoder/pincer", "owner": "panzacoder", "version": "1.0.1", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/pincer", "downloadUrl": "https://openagent3.xyz/downloads/pincer", "agentUrl": "https://openagent3.xyz/skills/pincer/agent", "manifestUrl": "https://openagent3.xyz/skills/pincer/agent.json", "briefUrl": "https://openagent3.xyz/skills/pincer/agent.md" } }