SClawHub is a security scanning tool site built specifically for ClawHub Skills. The βSβ stands for Security. It lets users view the security scan report for a given skill by using the same skill URL path as ClawHub and simply changing the domain from clawhub.ai to sclawhub.com. The page states that it already provides scans for 28+ skills, along with a Chrome extension.
Its protection focuses on identifying risks in third-party skill code, including malware detection, credential theft, network calls, and code execution risks. Scanning is done through automated analysis plus AI review, with Semgrep + Claude AI explicitly mentioned under the hood. Reports present risk levels using a 0-100 Trust Score: for example, 95/100 indicates safe, 65/100 suggests review, and 25/100 indicates high risk. This quantitative approach is useful for regular users who need a quick judgment, while also helping developers dig into the detailed report.
The deployment model is lightweight: users can browse reports directly on the website or install the Chrome extension for assisted use. Integration mainly revolves around ClawHub path mapping and does not require complex configuration. The project emphasizes being 100% Open Source, allowing users to audit the code, contribute improvements, or fork it into their own projects. However, the page does not mention an enterprise console, centralized policies, alert notifications, APIs, SSO, or ticket-based support, so its management and operations capabilities remain unclear.
The captured content does not disclose a pricing model, paid plans, payment methods, or free quota, nor does it mention compliance certifications such as SOC 2, ISO 27001, or GDPR. Given its strong open-source positioning, it may be more of a community-oriented tool, but that should not be taken as evidence of any specific commercial licensing model.
Its strengths are a focused use case, a simple usage path, open-source transparency, and the combination of Semgrep and AI review to cover common supply chain risks. Its drawbacks are that coverage still appears to be at an early stage, with only 28+ scans explicitly mentioned, and there is limited information on enterprise governance, false-positive handling, SLAs, and compliance. It is best suited for ClawHub Skills users, reviewers checking plugins/skills before installation, security researchers, and developers who want to verify third-party skill code.
The page does not provide information about network accessibility in mainland China, ICP filing, payment, or localization, so china_access can only be marked as unknown. If access or payment is restricted, alternatives such as Semgrep, Snyk, Socket, SonarQube, and GitHub Advanced Security may be worth considering.
β This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on sclawhub.com official site.
sclawhub.com is an Unknown Cybersecurity provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach sclawhub.com directly.