安装 ClawHub 技能前做供应链安全预检，拦截 social-engineering 落地

• You have a staging/sandbox host isolated from production secrets.
• Skill install process is documented and can be paused before running external shell commands.

1. Before installation, read SKILL.md prerequisites and flag any command that pulls remote scripts (curl|bash, base64|sh, pastebin links).
2. Cross-check package/repo identity: publisher history, repo age, release tags, and community references.
3. If command is unavoidable, decode/inspect it in sandbox first and require explicit human approval before execution.
4. Prefer reproducible install methods (pinned version, checksum/signature) over ad-hoc one-liners.
5. Maintain an internal denylist for known-bad domains/packages and update it after each incident review.

• This checklist reduces risk but cannot guarantee zero-day detection across all skill ecosystems.
• Reported IOCs/domains from public incident posts should be continuously re-validated（需验证）。

This tip is aggregated from community/public sources and preserved with attribution.