# Send Pincer to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "pincer", "name": "Pincer", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/panzacoder/pincer", "canonicalUrl": "https://clawhub.ai/panzacoder/pincer", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/pincer", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=pincer", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "README.md", "SKILL.md", "_meta.json", "scripts/pincer.sh" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "slug": "pincer", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-29T12:18:14.106Z", "expiresAt": "2026-05-06T12:18:14.106Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=pincer", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=pincer", "contentDisposition": "attachment; filename=\"pincer-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null, "slug": "pincer" }, "scope": "item", "summary": "Item download looks usable.", "detail": "Yavira can redirect you to the upstream package for this item.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/pincer" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/pincer", "downloadUrl": "https://openagent3.xyz/downloads/pincer", "agentUrl": "https://openagent3.xyz/skills/pincer/agent", "manifestUrl": "https://openagent3.xyz/skills/pincer/agent.json", "briefUrl": "https://openagent3.xyz/skills/pincer/agent.md" } } ``` ## Documentation ### pincer 🛡️ Security-first wrapper for clawhub install. Scans skills for malware, prompt injection, and suspicious patterns before installation. ### Why? Agent skills are powerful — they're basically executable documentation. The ClawHub ecosystem has already seen malware campaigns distributing infostealers via innocent-looking skills. pincer adds a security layer before you install anything. ### Install # From ClawHub clawhub install pincer # Or manually chmod +x ./scripts/pincer.sh ln -sf "$(pwd)/scripts/pincer.sh" ~/.local/bin/pincer Dependencies: clawhub — for fetching skills uvx — for mcp-scan (brew install uv) jq — for JSON parsing ### Safe Install # Instead of: clawhub install some-skill pincer install some-skill # With specific version pincer install some-skill@1.2.0 ### Scan Without Installing # Scan a ClawHub skill pincer scan some-skill # Scan a local directory pincer scan ./path/to/skill # JSON output for automation pincer scan some-skill --json ### Audit Installed Skills # Quick-scan all installed skills pincer audit # JSON output pincer audit --json ### Manage Trust # Add trusted publisher (auto-approve clean skills) pincer trust add steipete # Remove from trusted pincer trust remove old-publisher # Block a publisher or skill pincer trust block suspicious-dev pincer trust block malware-skill # Unblock pincer trust unblock redeemed-dev # List all trust settings pincer trust list ### View History # See what you've installed pincer history # JSON output pincer history --json ### Configuration # Show current config pincer config show # Edit in $EDITOR pincer config edit # Reset to defaults pincer config reset ### Via mcp-scan (Invariant Labs) Prompt injection attacks Malware payloads in natural language Tool poisoning Sensitive data exposure Hard-coded secrets ### Additional Pattern Detection PatternRiskDescriptionBase64 commands🚨 HighEncoded shell commandsHex payloads🚨 HighObfuscated binary dataxattr -d quarantine🚨 HighmacOS Gatekeeper bypasscurl | sh🚨 HighPipe to shell executionPassword archives🚨 HighHidden malicious payloadsDownload + execute⚠️ Mediumchmod +x && ./ patternseval $var⚠️ MediumDynamic code executionHidden files⚠️ MediumDot-file creationPersistence⚠️ Mediumcron/launchd entries ### Publisher & Provenance Publisher reputation (trusted list) Download count threshold Skill age threshold Blocklist checking ### Binary Detection Scans for bundled executables Flags Mach-O, ELF, PE32 binaries ### Risk Levels LevelMeaningAction✅ CLEANNo issuesAuto-approve if trusted publisher⚠️ CAUTIONWarnings presentPrompt for approval🚨 DANGERSuspicious patternsBlock (override with --force)☠️ MALWAREKnown maliciousBlock (cannot override)⛔ BLOCKEDOn blocklistBlock (cannot override) ### Configuration Config: ~/.config/pincer/config.json { "trustedPublishers": ["openclaw", "steipete", "invariantlabs-ai"], "blockedPublishers": [], "blockedSkills": [], "autoApprove": "clean", "logInstalls": true, "minDownloads": 0, "minAgeDays": 0 } KeyDescriptiontrustedPublishersPublishers whose clean skills auto-approveblockedPublishersAlways block these publishersblockedSkillsAlways block these specific skillsautoApprove"clean" = auto-approve clean+trusted, "never" = always promptlogInstallsLog installations to history fileminDownloadsWarn if skill has fewer downloadsminAgeDaysWarn if skill is newer than N days ### Clean Install $ pincer install bird 🛡️ pincer v1.0.0 → Fetching bird from ClawHub... Publisher: steipete (trusted) Stats: 7363 downloads · 27 ★ · created 1 month ago 🛡️ pincer Scanning bird... → Running mcp-scan... ✅ mcp-scan: passed → Checking for suspicious patterns... ✅ Pattern check: passed → Checking external URLs... ✅ URL check: passed → Checking for bundled binaries... ✅ Binary check: passed Risk Assessment: ✅ CLEAN — No issues detected → Auto-approved (clean + trusted config). → Installing bird... ✅ Installed successfully! ### Dangerous Skill Blocked $ pincer install sketchy-tool 🛡️ pincer v1.0.0 → Fetching sketchy-tool from ClawHub... Publisher: newaccount (unknown) Stats: 12 downloads · 0 ★ · created 2 days ago 🛡️ pincer Scanning sketchy-tool... → Running mcp-scan... 🚨 mcp-scan: high-risk warnings → Checking for suspicious patterns... 🚨 Pattern check: suspicious patterns found • curl/wget piped to shell • macOS quarantine removal (xattr) → Checking external URLs... ⚠️ URL check: external URLs found • http://sketchy-domain.xyz/install → Checking for bundled binaries... ✅ Binary check: passed Risk Assessment: 🚨 DANGER — Suspicious patterns detected • mcp-scan: high-risk patterns detected • curl/wget piped to shell • macOS quarantine removal (xattr) ☠️ Install blocked. Use --force to override (not recommended). ### Credits mcp-scan by Invariant Labs — core security scanning 1Password Security Research — threat analysis that inspired this tool Snyk ToxicSkills Report — ecosystem threat research ### License MIT Stay safe out there. 🛡️ ## Trust - Source: tencent - Verification: Indexed source record - Publisher: panzacoder - Version: 1.0.1 ## Source health - Status: healthy - Item download looks usable. - Yavira can redirect you to the upstream package for this item. - Health scope: item - Reason: direct_download_ok - Checked at: 2026-04-29T12:18:14.106Z - Expires at: 2026-05-06T12:18:14.106Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/pincer) - [Send to Agent page](https://openagent3.xyz/skills/pincer/agent) - [JSON manifest](https://openagent3.xyz/skills/pincer/agent.json) - [Markdown brief](https://openagent3.xyz/skills/pincer/agent.md) - [Download page](https://openagent3.xyz/downloads/pincer)