Scan installed skills for known ClawHavoc indicators of compromise - suspicious install scripts in SKILL.md, known malicious publisher names, C2 domain patterns, and obfuscated shell commands.
Reference: Antiy CERT ClawHavoc analysis (1,184 malicious packages across 12 publisher accounts).
Scan installed skills for known ClawHavoc indicators of compromise - suspicious install scripts in SKILL.md, known malicious publisher names, C2 domain patterns, and obfuscated shell commands.
Reference: Antiy CERT ClawHavoc analysis (1,184 malicious packages across 12 publisher accounts).