docs/analysis-pipeline

Integration Guide

REST API Usage

Analyze a Skill

CODE
curl -X POST https://api.clawsec.dev/v1/verify/analyze \
  -H "Content-Type: application/json" \
  -d '{
    "clawhub": {
      "href": "https://clawhub.ai/author/skill-name"
    }
  }'

Analyze Raw Text

CODE
curl -X POST https://api.clawsec.dev/v1/verify/analyze \
  -H "Content-Type: application/json" \
  -d '{
    "text": {
      "content": "# My Skill\n\n## Instructions\n..."
    }
  }'

Async Job API

For long-running analyses or when you need to process multiple skills, use the async job API. Submit a job and poll for results instead of waiting for synchronous responses.

Submit Verification Job

CODE
curl -X POST https://api.clawsec.dev/v1/verify/jobs \
  -H "Content-Type: application/json" \
  -d '{
    "clawhub": {
      "href": "https://clawhub.ai/author/skill-name"
    },
    "options": {
      "quickMode": false,
      "yaraMode": "balanced",
      "enableMetaAnalysis": true
    }
  }'
Response:
{
  "jobId": "abc123",
  "status": "pending",
  "statusUrl": "https://api.clawsec.dev/v1/verify/jobs/abc123",
  "createdAt": "2026-02-09T12:00:00Z"
}

Get Job Status

CODE
curl https://api.clawsec.dev/v1/verify/jobs/abc123
Response (when completed):
{
  "jobId": "abc123",
  "status": "completed",
  "result": {
    "trustScore": 85,
    "riskLevel": "low",
    "findings": [...],
    "metaAnalysis": {...}
  },
  "completedAt": "2026-02-09T12:00:15Z"
}

Get Recent Jobs

CODE
curl "https://api.clawsec.dev/v1/verify/jobs?limit=20"
Response:
{
  "jobs": [
    {
      "jobId": "abc123",
      "status": "completed",
      "createdAt": "2026-02-09T12:00:00Z",
      "completedAt": "2026-02-09T12:00:15Z"
    },
    {
      "jobId": "def456",
      "status": "processing",
      "createdAt": "2026-02-09T12:01:00Z"
    }
  ],
  "total": 2
}

Job Status Values

pendingJob is queued and waiting to be processed
processingJob is currently being analyzed
completedAnalysis finished successfully, results available
failedAnalysis failed, error message in response

When to Use Async Jobs

  • Processing multiple skills in parallel
  • Long-running analyses with sandbox execution
  • Building queue-based processing systems
  • When you need to avoid HTTP timeouts

Response Structure

JSON
{
  "findings": [
    {
      "id": "YARA_prompt_injection_001",
      "rule_id": "prompt_injection_generic",
      "category": "prompt_injection",
      "severity": "CRITICAL",
      "title": "Prompt injection pattern detected",
      "description": "...",
      "file_path": "SKILL.md",
      "line_number": 42,
      "snippet": "...",
      "analyzer": "static"
    }
  ],
  "metaAnalysis": {
    "validatedFindings": [...],
    "falsePositives": [...],
    "overallRiskAssessment": {
      "riskLevel": "CRITICAL",
      "skillVerdict": "DO_NOT_USE"
    }
  },
  "trustScore": 35,
  "riskLevel": "critical",
  "analyzersUsed": ["yara", "llm", "meta"],
  "scanDurationMs": 12340
}

Performance Characteristics

ConfigurationSpeedUse Case
YARA only<1sCI/CD quick check
YARA + LLM + Meta10-20sProduction analysis
Full (with Sandbox)40-70sMaximum detection