⚠ High Risk: This skill has significant security concerns. Review the findings below before installing.
pincer
⚠ Caution · Scanned 2/18/2026
Dangerous skill: executes shell commands like clawhub install and uvx mcp-scan@latest, performing network fetches to inspect and install remote skills. pincer is a security-first wrapper for installing agent skills that stores config/history in ~/.config/pincer/config.json and ~/.config/pincer/history.json.
from clawhub.ai · v01daa36 · 38.6 KB · 0 installs
Scanned from 1.0.1 at 01daa36
$ vett add clawhub.ai/panzacoder/pincer
Review security findings before installing
pincer 🛡️
Security-first wrapper for installing agent skills. Scans for malware, prompt injection, and suspicious patterns before installation.
Why?
Agent skills are powerful — they're basically executable documentation. The ClawHub ecosystem has already seen malware campaigns distributing infostealers via innocent-looking skills. pincer adds a security layer.
Quick Start
# Install
clawhub install pincer
# Use instead of clawhub install
pincer install some-skill
# Scan without installing
pincer scan suspicious-skill
# Audit all installed skills
pincer audit
Features
- Pre-install scanning — Analyze skills before they touch your system
- mcp-scan integration — Leverages Invariant Labs' mcp-scan for prompt injection and malware detection
- Pattern detection — Base64 payloads, curl | sh, quarantine removal, and more
- Publisher trust — Maintain lists of trusted and blocked publishers
- Audit mode — Quick-scan all installed skills
- JSON output — Scriptable for CI/CD integration
- Install logging — Track what you've installed and when
Documentation
See SKILL.md for full documentation.
License
MIT
Credits
- mcp-scan by Invariant Labs
- 1Password Security Research
- Snyk ToxicSkills Report