Problem
Malwar scans SKILL.md files used by Claude Code, but the docs don't have a quick tutorial showing a Claude Code user how to scan their own skills before installing them.
What to Write
Create `docs/guide/getting-started-claude-code.md` with:
- Why — explain that skill files can contain hidden malicious commands
- Install — `pip install malwar && malwar db init`
- Scan a skill before installing — show scanning a skill file from a URL or local path
- Interpret the output — explain CLEAN / SUSPICIOUS / MALICIOUS verdicts and risk scores
- Integrate into your workflow — suggest scanning skills before adding them to `.claude/commands/`
Keep it short — someone should go from zero to scanning in under 5 minutes.
Bonus
If you want to go further, add a section showing how to use `malwar crawl scan ` to check ClawHub skills directly.
Problem
Malwar scans SKILL.md files used by Claude Code, but the docs don't have a quick tutorial showing a Claude Code user how to scan their own skills before installing them.
What to Write
Create `docs/guide/getting-started-claude-code.md` with:
Keep it short — someone should go from zero to scanning in under 5 minutes.
Bonus
If you want to go further, add a section showing how to use `malwar crawl scan ` to check ClawHub skills directly.