← Back to Skills Marketplace
blueworldmarketing

Skill Vetter Bwm

by blueworldmarketing · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security Clean
84
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install skill-vetter-bwm
Description
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
Usage Guidance
This skill is a safe, coherent checklist you can use to manually vet other skills. Before relying on it: (1) verify the publisher/owner identity (the included _meta.json ownerId differs from the registry header and there's no homepage), (2) remember it only gives guidance — it won't automatically detect every issue, so perform an actual file-level code review when required, (3) when following its quick commands you will perform network queries (GitHub API) — ensure network access and rate limits are acceptable, and (4) do not allow the agent to automatically execute or install code it reviews; keep a human in the loop for high-risk decisions (credentials, elevated privileges, or obfuscated code). If you want higher assurance, clone target repos locally and inspect contents, check signatures, and cross-check author reputation externally.
Capability Analysis
Type: OpenClaw Skill Name: skill-vetter-bwm Version: 1.0.0 The skill is a defensive security tool designed to provide a structured vetting protocol for AI agents to evaluate other skills. It includes a comprehensive list of red flags, risk levels, and reporting templates to identify potential malware or vulnerabilities. The provided shell commands in SKILL.md are limited to fetching public repository metadata from the GitHub API for auditing purposes and do not exhibit any malicious behavior.
Capability Assessment
Purpose & Capability
The skill's name and description match the instructions: it's a manual vetting checklist for skills. It requests no credentials, binaries, or installs, which is appropriate. Note: repository metadata shows an ownerId mismatch between the registry header (kn76z25...) and the included _meta.json (kn71j6...), and there is no homepage; this metadata inconsistency is worth verifying but does not change the skill's operational footprint.
Instruction Scope
SKILL.md contains a clear, narrow checklist and commands for querying GitHub metadata (curl to api.github.com) — these are appropriate for vetting GitHub-hosted skills. The instructions require reading the target skill's files for review (expected). They do not instruct the agent to read host-sensitive files or to exfiltrate data.
Install Mechanism
No install spec and no code files — instruction-only. This minimizes risk because nothing is written to disk or executed by an installer.
Credentials
The skill requires no environment variables, credentials, or config paths. That is proportionate for a vetting checklist.
Persistence & Privilege
always is false and model invocation is allowed (default). The skill does not request permanent presence or system-wide changes; no evidence it would modify other skills' configs.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install skill-vetter-bwm
  3. After installation, invoke the skill by name or use /skill-vetter-bwm
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Security-first skill vetting protocol for AI agents. - Guides users to evaluate skill sources, code, permission scope, and risk level before installation. - Includes a detailed checklist of red flags and risk classifications. - Provides a standardized vetting report template. - Offers quick commands for vetting skills from GitHub. - Emphasizes strict procedures for handling unknown or high-risk code.
Metadata
Slug skill-vetter-bwm
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Skill Vetter Bwm?

Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,... It is an AI Agent Skill for Claude Code / OpenClaw, with 84 downloads so far.

How do I install Skill Vetter Bwm?

Run "/install skill-vetter-bwm" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Skill Vetter Bwm free?

Yes, Skill Vetter Bwm is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Skill Vetter Bwm support?

Skill Vetter Bwm is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Skill Vetter Bwm?

It is built and maintained by blueworldmarketing (@blueworldmarketing); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments