After reading about the ClawHavoc campaign and seeing how fast malicious skills were spreading on ClawHub (1,100+ at last count), I figured it would be useful to have something where people can actually practice telling the difference between a legit skill and a bad one.
The game gives you realistic skill snippets. Some are safe, some are modeled on real attack patterns - fake driver installs, hidden bash execution, credential pass-through to the LLM context window. You classify each one under time pressure and get feedback on what you missed and why.
5 rounds, runs in the browser, no signup.
Happy to talk about the attack patterns or how I put the scenarios together.