← Back to Skills Marketplace
754
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install glitch-skillstore
Description
Search, install, and create OpenClaw skills with intelligent matching across known, local, and GitHub repositories.
README (SKILL.md)
SkillStore - OpenClaw Skill Manager
Search, install, and create OpenClaw skills with intelligent matching.
Skill Metadata
- Name: skillstore
- Type: OpenClaw Skill
- Purpose: Search existing skills, install from GitHub, or create new ones
Setup Commands
No setup required. Works out of the box.
Usage Commands
Search & Install
# Search for a skill (applies 30% threshold)
skillstore \x3Cquery>
# Examples:
skillstore home assistant
skillstore weather
skillstore smart home
skillstore email gmail
skillstore github
List & Show
# List installed skills
skillstore list
# Show all known skills (20 built-in)
skillstore known
Create New
# Create new skill with templates
skillstore create \x3Cname>
skillstore new \x3Cname>
# Examples:
skillstore create my-awesome-skill
skillstore new weather-widget
How Search Works
Matching Algorithm
- Tokenize - Split query into keywords
- Calculate - Jaccard similarity + keyword boost
- Filter - Remove results below 30% threshold
- Rank - Sort by relevance score
- Display - Show with visual score bar
Match Score
Score >= 50% = Strong match (green bar)
Score >= 30% = Weak match (yellow bar)
Score \x3C 30% = Not shown (filtered)
Search Sources (in order)
- Known Skills - Built-in database of 20 skills
- Local Skills - Skills in ~/.openclaw/workspace/skills/
- GitHub - Search openclaw repositories
Interaction Flow
1. User runs: skillstore home assistant
2. System searches all 3 sources
3. System filters by threshold
4. Results shown with scores:
1. [KNOWN] homeassistant ████████░░ 85%
Control smart home devices...
2. [LOCAL] homeassistant ███████░░░ 78%
3. [GIT] openclaw-homeassistant ██████░░░░ 62%
5. User chooses:
- Enter number → Install from GitHub
- n → Create new skill
- q → Quit
Known Skills Database
Built-in skills (searchable):
| Skill | Description |
|---|---|
| homeassistant | Smart home control (HA API) |
| gog | Google Workspace (Gmail, Calendar, Drive) |
| weather | Weather forecasts |
| github | GitHub CLI integration |
| himalaya | Email via IMAP/SMTP |
| obsidian | Obsidian vault integration |
| sonoscli | Sonos speaker control |
| blucli | BluOS speaker control |
| eightctl | Eight Sleep pod control |
| ordercli | Food delivery orders |
| blogwatcher | RSS feed monitoring |
| gifgrep | GIF search/download |
| video-frames | Video frame extraction |
| youtube-summarizer | YouTube transcript summary |
| ga4 | Google Analytics 4 |
| gsc | Google Search Console |
| wacli | WhatsApp messaging |
| browser | Browser automation |
| healthcheck | Security hardening |
Error Handling
- No results above threshold: Offer to create new skill
- GitHub search fails: Fall back to local/known
- Install fails: Show error with reason
Related Skills
- homeassistant
- openclaw-migrate
- skill-templates (legacy, use skillstore)
Files
skillstore/
├── SKILL.md # This file
├── README.md # User docs
├── main.js # CLI with intelligent search
└── config.json # Install history
Usage Guidance
This skill appears to do what it says: search known and local skills and query GitHub. Before installing or running it, quickly review the remaining parts of main.js (the truncated portion) to confirm what child_process.exec calls do when installing a repo (e.g., git clone, npm install, running remote scripts). Also note the docs and code disagree about the local-skill path (~/.openclaw/workspace/skills/ vs __dirname/..); make sure the tool will search the directories you expect. If you plan to run installs, run them in a sandbox or inspect any cloned repositories before executing their code.
Capability Analysis
Type: OpenClaw Skill
Name: glitch-skillstore
Version: 2026.2.17
The `main.js` file uses `child_process.exec` to perform `git clone` operations for installing skills from GitHub. While the input variables (`repo` and `name`) are sourced from the GitHub API and GitHub repository naming conventions generally mitigate simple shell injection, the use of `exec` with external input is a high-risk capability that represents a potential Remote Code Execution (RCE) vulnerability. This is classified as suspicious due to the presence of a powerful primitive that could be exploited if input sanitization or source constraints were to change, rather than clear evidence of intentional malicious behavior like data exfiltration or backdoors.
Capability Assessment
Purpose & Capability
Name/description (search/install/create OpenClaw skills) matches the code: it searches a built-in DB, local skills, and GitHub. No unrelated credentials or binaries are requested. One minor mismatch: SKILL.md says local skills live under ~/.openclaw/workspace/skills/, but the code searches the parent directory of the skill (path.join(__dirname, '..')).
Instruction Scope
Runtime instructions and code remain scoped to searching known skills, local SKILL.md/README.md files, and GitHub repo metadata. The code reads local skill files and calls the GitHub search API; both are expected. The SKILL.md examples describe interactive install flows but do not document exact install commands — the main.js includes child_process.exec (truncated in the listing), so you should inspect what install/exec steps perform before executing.
Install Mechanism
No install spec is provided (instruction-only install), and the repo includes the CLI source (main.js). There are no external download URLs or extract operations in the provided files. This is low-risk, but review any runtime exec invocations that may invoke git or external installers.
Credentials
The skill declares no required environment variables or credentials. The code performs unauthenticated calls to the public GitHub search API and local filesystem reads; this aligns with the described functionality.
Persistence & Privilege
always is false and the skill writes/reads a local config.json in its own directory (CONFIG_FILE = __dirname/config.json). It does not request system-wide or other-skill configs. No elevated persistence privileges are requested.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install glitch-skillstore - After installation, invoke the skill by name or use
/glitch-skillstore - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2026.2.17
- Added detailed documentation in SKILL.md covering usage, search algorithm, interaction flow, error handling, and skill database.
- Explained setup-free operation and provided clear CLI usage examples for searching, installing, and creating skills.
- Described the intelligent skill matching process, including matching algorithm steps, score thresholds, and data sources.
- Listed and described 20 built-in, searchable OpenClaw skills.
- Documented error handling behavior and fallback strategies.
- Included file structure overview and related skills for easier discovery.
Metadata
Frequently Asked Questions
What is Skillstore?
Search, install, and create OpenClaw skills with intelligent matching across known, local, and GitHub repositories. It is an AI Agent Skill for Claude Code / OpenClaw, with 754 downloads so far.
How do I install Skillstore?
Run "/install glitch-skillstore" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skillstore free?
Yes, Skillstore is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Skillstore support?
Skillstore is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Skillstore?
It is built and maintained by Glitch (@chris6970barbarian-hue); the current version is v2026.2.17.
More Skills