MANDATORY security gate for installing ClawHub skills. Whenever the user asks to install, add, or download a skill from ClawHub, ALWAYS use this skill's safe-install-plus.sh instead of running clawhub install directly. Also use when the user asks to scan, audit, or check existing skills for security issues. Detects prompt injections, malware payloads, macOS supply chain attacks, data exfiltration, and Gatekeeper bypass attempts.