Clawdhub
低风险
作者:steipete | 审计时间:2026-02-26T09:59:20.936Z | 规则集:0.2.0
技能介绍
Use the ClawdHub CLI to search, install, update, and publish agent skills from clawdhub.com. Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, o…
✨ Web search
✨ Results filtering
✨ URL extraction
✨ Content scraping
使用场景
1 Research topics
2 Find information
3 Answer questions
文档(原文)
来源:SKILL.md 以下为作者原文(通常为英文)。安装请以页面顶部“快速安装”为准。
name: clawdhub
description: Use the ClawdHub CLI to search, install, update, and publish agent skills from clawdhub.com. Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, or publish new/updated skill folders with the npm-installed clawdhub CLI.
metadata: {"clawdbot":{"requires":{"bins":["clawdhub"]},"install":[{"id":"node","kind":"node","package":"clawdhub","bins":["clawdhub"],"label":"Install ClawdHub CLI (npm)"}]}}
ClawdHub CLI
Install
npm i -g clawdhub
Auth (publish)
clawdhub login
clawdhub whoami
Search
clawdhub search "postgres backups"
Install
clawdhub install my-skill
clawdhub install my-skill --version 1.2.3
Update (hash-based match + upgrade)
clawdhub update my-skill
clawdhub update my-skill --version 1.2.3
clawdhub update --all
clawdhub update my-skill --force
clawdhub update --all --no-input --force
List
clawdhub list
Publish
clawdhub publish ./my-skill --slug my-skill --name "My Skill" --version 1.2.0 --changelog "Fixes + docs"
Notes
- Default registry: https://clawdhub.com (override with CLAWDHUB_REGISTRY or --registry)
- Default workdir: cwd; install dir: ./skills (override with --workdir / --dir)
- Update command hashes local files, resolves matching version, and upgrades to latest unless --version is set
安全审计
低风险
摘要
Use the ClawdHub CLI to search, install, update, and publish agent skills from clawdhub.com. Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, or publish new/updated skill folders with the npm-installed clawdhub CLI.
风险画像
ToxicSkills 分析
黑名单
未命中
提示词注入
未检测到
当前静态检测未发现 Toxic 信号。
关键风险 0 项
暂无 LLM 风险要点(LLM 未启用或无缓存)。
确定性发现(证据)
未检测到发现。
评分标准
每个技能从 5 个维度评分,加权总分决定星级。
代码毒性 100/100 (权重 30%)
隐私风险 100/100 (权重 25%)
权限范围 100/100 (权重 20%)
作者声誉 75/100 (权重 15%)
代码质量 70/100 (权重 10%)
星级说明
5★ 安全 — 总分 ≥ 80
4★ 良好 — 总分 70–79
3★ 注意 — 总分 60–69
2★ 有风险 — 总分 40–59
1★ 危险 — 总分 < 40
为何是这个评分?
所有维度均高于 60 分,该技能通过安全基线。