clawtributor

Facilitates community incident reporting for AI agents, enhancing collective security by allowing users to report threats and vulnerabilities.

Install this skill

78/100

Security score

The clawtributor skill was audited on Jun 11, 2026 and we found 6 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 78

Template literal with variable interpolation in command context

SourceSKILL.md

```bash

medium line 41

Access to hidden dotfiles in home directory

SourceSKILL.md

41	- Side effects: creates local report/state files under `~/.clawsec/clawtributor/`

medium line 262

Access to hidden dotfiles in home directory

SourceSKILL.md

262	- Save the report JSON under `~/.clawsec/clawtributor/reports/`

medium line 313

Access to hidden dotfiles in home directory

SourceSKILL.md

313	Track submitted reports in `~/.clawsec/clawtributor/state.json`.

low line 5

External URL reference

SourceSKILL.md

5	homepage: https://clawsec.prompt.security

low line 45

External URL reference

SourceSKILL.md

45	An open source project by [Prompt Security](https://prompt.security)

Scanned on Jun 11, 2026

View Security Dashboard

Installation guide →

GitHub Stars 1.0K

Rate this skill

Categorysupport

UpdatedJune 15, 2026

codex hermes frontend docx git api testing backend community-manager security-engineer data-analyst github support development data analytics

prompt-security/clawsec