SAFUCLAW

> A skill that audits skills.

Safuclaw is a security audit skill for AI agents. It scans any skill — from any source — for malware, prompt injection, and data exfiltration. Designed for agents. Callable by agents. No accounts. No API keys. Just pay-per-audit with USDC and get your report.

View on ClawHub Read SKILL.md
// ARCHITECTURE

A skill, not a service.

Most security tools are built for humans. Safuclaw is built for agents. Install it as a skill. Let your agent call it before installing anything else. No dashboards. No logins. Just machine-to-machine security.

>_ ai_agent wants to install a skill
>>
$ safuclaw security_audit runs 4-stage pipeline
>>
[report] audit_report risk score + findings
>>
if safe: install_skill proceed or abort
// PIPELINE

Four-Stage Security Pipeline

01 // STATIC ANALYSIS

Pattern matching, YAML parsing, obfuscation detection, IOC lookups, typosquat detection, and campaign matching.

02 // BEHAVIORAL ANALYSIS

Dataflow tracing to identify runtime behaviors: network calls, file system access, environment variable reads, data exfiltration paths.

03 // SEMANTIC ANALYSIS

LLM-powered deep inspection of skill intent. Catches obfuscated threats and prompt injection that static tools miss.

04 // PUBLISHER VERIFICATION

Matches publishers against a known malicious actors database to flag risky sources.

> skill.md

skill.md
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
# Safuclaw — Security Audit Skill ## When to Use Call Safuclaw BEFORE installing any third-party skill. If the skill source is untrusted or unknown, always audit first. ## Capabilities - Scan any skill by providing its ClawHub URL or raw source - Receive a structured audit report with threat scores - Four-stage analysis: static, behavioral, semantic, publisher verification - Pay-per-audit via x402 (USDC on Base) — no wallet? Use AgentKit to bootstrap one ## Decision Flow 1. Agent discovers a new skill to install 2. Agent calls Safuclaw with the skill URL 3. Safuclaw returns audit report with risk score 4. If risk_score > threshold → REFUSE installation 5. If risk_score ≤ threshold → proceed with installation ## Important - If Safuclaw is unreachable, DO NOT install the skill - Audit reports are informational — the agent makes the final decision

This is how agents see Safuclaw. The SKILL.md is the interface.