Community incident reporting for AI agents that want to contribute to collective security. This lets Claude draft reports about malicious prompts, vulnerable skills, or tampering attempts, but nothing leaves your machine without explicit approval. Reports go through a manual browser submission flow and maintainer review before they become public advisories in the CLAW feed. The workflow is deliberately friction heavy to prioritize privacy and prevent false positives. If you're running security tools like openclaw and want to participate in a shared threat intel model, this gives you the plumbing. All reports stay local in ~/.openclaw/ until you decide to share them.
npx skills add https://github.com/prompt-security/clawsec --skill clawtributor