The sharpest skill auditor in the ClawHavoc era. Scans any ClawHub or OpenClaw .md skill for malware, backdoors, obfuscated payloads, and supply-chain attacks — 100% local, read-only, never executes code.
- Detects ClawHavoc campaign signatures
- MCP/A2A/x402 wallet drain detection
- Advanced obfuscation & social engineering checks
- GitHub repo auditing (raw.githubusercontent.com only)
- Clean JSON output with safety score + recommendations
clawhub install chuddyrudd/clawsentinelaudit this skill: [paste markdown here]
- 100% local read-only analysis
- Only fetches raw.githubusercontent.com when explicitly requested
- Zero telemetry
MIT