Neighbourhood Claw

ClawSecure

ClawSecure is an OpenClaw-specific security scanner that audits agent skills before installation and monitors them over time for code drift.

Added 3 weeks ago

About

ClawSecure is an OpenClaw-specific security scanner that audits agent skills before installation and monitors them over time for code drift. It runs a 3-layer protocol: a proprietary behavioral engine (55+ OpenClaw-specific threat patterns), static/behavioral analysis with YARA and taint tracking, and supply chain scanning against known CVE databases. The scanner maps findings to the OWASP ASI Top 10, aligns with NIST AI RMF, and claims to have audited 2,890+ agents. According to ClawSecure's own research, 41% of popular OpenClaw skills have security vulnerabilities.

Best For

Security-conscious developers and platform teams who want to vet third-party OpenClaw skills before deploying them, particularly in organizational settings where supply chain risk and prompt injection are real operational concerns.

Pros & Cons

Pros

  • OpenClaw-specific threat detection goes beyond generic malware scanners — covers prompt injection, credential harvesting, C2 patterns, and ecosystem-specific abuse
  • OWASP ASI Top 10 full coverage with alignment to NIST AI RMF and CSA STAR for AI
  • Watchtower monitoring tracks code changes post-installation and triggers re-scans on drift
  • Free scanner with a broad feature set — security score, severity-grouped findings, multiple input types (ClawHub link, GitHub, zip, skill name)
  • Independently verified by Aikido Security and OWASP ZAP penetration testing

Cons

  • "2.2M+ Agents Vaccinated" is a marketing claim that's hard to verify independently
  • B+ Mozilla Observatory rating for the site's own infrastructure is moderate, not exceptional
  • Scanning quality depends on how current threat patterns are — no clear update cadence published
  • Enterprise "verified marketplace" model suggests the free tier may have limitations that aren't obvious upfront
  • No public API documentation for integrating scans into CI/CD pipelines
