Companion Tools
Host-side security tools that complement Toolhub's in-browser utilities.
Toolhub is fully browser-based — nothing runs server-side, nothing needs install. These external tools are different: they run on your own machine or server. We list them here because they fit Toolhub's privacy-first ethos and address use cases that genuinely require host-side execution.
All are built by JXXR1, the same maintainer as Toolhub. MIT licensed. Self-host them. Audit the source. They're not affiliate links — just companion utilities.
When to reach for a companion tool
The decision is mostly about where the work has to happen:
- Stays in the browser? Use a Toolhub tool. Decoding, encoding, formatting, generating, calculating — anything that takes input from one user and produces output for the same user is a browser job. Toolhub covers 100+ of those.
- Runs against a system, server, or filesystem? Use a companion tool. Watching a Linux server for intrusion attempts, statically analysing a downloaded skill bundle, scanning egress traffic — these need a process running on a real machine with real privileges. The browser sandbox can't do that, and shouldn't try.
- Sits between the two? Toolhub usually wins. "I want to format this JSON" looks like it might need a server because the JSON might be large; in practice modern browsers handle multi-megabyte JSON fine. Default to the browser-only option until the file genuinely doesn't fit.
The companion tools below are the host-side workloads Toolhub explicitly cannot do — and the ones the Toolhub maintainer has built or audited personally, so they can be vouched for rather than just listed.
🤖 AI Agents & Harnesses
skill-scanner v3.5.0
Security scanner for AI agent skills — 38 modules detecting credential theft, supply-chain attacks, prompt injection, and runtime abuse across any skill bundle.
Works on any skill bundle that ships a SKILL.md or manifest — Claude Code, OpenClaw, AgentPress, Hermes Skills Hub, MCP toolkits. With AI agent harnesses proliferating, the supply chain for downloadable agent "skills" is the next frontier for malware injection. skill-scanner statically analyses skill packages across 38 detection modules — pattern matching, AST taint tracking, LLM semantic analysis, YARA rules, and typo-squat detection.
The recent supply-chain wave (v3.4 + v3.5) adds bundled-content provenance for RAG corpora, external-model-download detection (HuggingFace / replicate / etc.), hash-pinning verification against in-flight tampering, and PGP release-signature verification.
🛡️ Security
sentinel v1.9.0
Lightweight bash security monitor for Linux servers — six-layer defense covering file access, port exposure, egress allowlist, full audit, stack health, and nightly deep scan. Zero dependencies.
Six-tier latency: file-watch (<1s) · watchdog (<2min) · outbound-guard (<2min) · check-v2+intel (6h) · stack-health (<4h) · daily (24h).
Open-port allowlist · sensitive-service exposure detection · root-process audit · world-writable scan · SSH-key delta · failed-login spike detection · cron/systemd delta · security-stack health (ClamAV / CrowdSec / Wazuh / fail2ban) · CVE-feed intel · supply-chain skill-scanner integration · LLM-vendor egress audit · backup integrity verification · Tailscale posture audit.
v1.9.0 (today) adds two new layers: outbound-guard for egress allowlist enforcement on monitored processes, and stack-health for verifying the security stack itself is alive, fresh, and vocal — not just running.
Why these and not just "a list of cool tools"?
Both are JXXR1's own work. We recommend tools we've built or audited ourselves. Toolhub doesn't publish a "best Linux security tools" listicle — there are plenty of those, and most are SEO farms. This page is a curated handoff for the specific audiences who arrive at Toolhub and need a host-side companion: school IT admins, agent-builders, sysadmins.
If you'd like a tool added: open an issue on the Toolhub repo. We won't accept paid placements.