ClawSec hardens OpenClaw skill installs

ClawSec is the kind of defensive tooling the agent ecosystem should have had from day one. As OpenClaw-style workflows get more autonomous, security checks around skills, prompts, and agent state stop being optional hygiene and start becoming core infrastructure.

• –The suite verifies skill artifacts with signed checksums, which directly addresses package tampering and sketchy install flows
• –Its file integrity layer watches critical agent files like SOUL.md and IDENTITY.md, then detects or auto-restores drift
• –The advisory feed pulls in NVD CVEs and community reports, giving agents a live view of newly discovered risks instead of static hardening docs
• –NanoClaw support expands the project beyond desktop-style agent setups into containerized deployments and MCP-based tooling
• –Shipping security as installable skills fits the ecosystem's actual adoption model, which makes ClawSec more likely to be used than a separate security dashboard