← Back to Skills Marketplace

Skill Vetter — Security Audit for AI Skills

Name: Skill Vetter — Security Audit for AI Skills
Author: nerua1

by nerua1 · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ✓ Security Clean

136

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install nerua1-skill-vetter

Description

Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...

README (SKILL.md)

Skill Vetter 🔒

Security-first vetting protocol for AI agent skills. Never install a skill without vetting it first.

When to Use

Before installing any skill from ClawdHub
Before running skills from GitHub repos
When evaluating skills shared by other agents
Anytime you're asked to install unknown code

Vetting Protocol

Step 1: Source Check

Questions to answer:
- [ ] Where did this skill come from?
- [ ] Is the author known/reputable?
- [ ] How many downloads/stars does it have?
- [ ] When was it last updated?
- [ ] Are there reviews from other agents?

Step 2: Code Review (MANDATORY)

Read ALL files in the skill. Check for these RED FLAGS:

🚨 REJECT IMMEDIATELY IF YOU SEE:
─────────────────────────────────────────
• curl/wget to unknown URLs
• Sends data to external servers
• Requests credentials/tokens/API keys
• Reads ~/.ssh, ~/.aws, ~/.config without clear reason
• Accesses MEMORY.md, USER.md, SOUL.md, IDENTITY.md
• Uses base64 decode on anything
• Uses eval() or exec() with external input
• Modifies system files outside workspace
• Installs packages without listing them
• Network calls to IPs instead of domains
• Obfuscated code (compressed, encoded, minified)
• Requests elevated/sudo permissions
• Accesses browser cookies/sessions
• Touches credential files
─────────────────────────────────────────

Step 3: Permission Scope

Evaluate:
- [ ] What files does it need to read?
- [ ] What files does it need to write?
- [ ] What commands does it run?
- [ ] Does it need network access? To where?
- [ ] Is the scope minimal for its stated purpose?

Step 4: Risk Classification

Risk Level	Examples	Action
🟢 LOW	Notes, weather, formatting	Basic review, install OK
🟡 MEDIUM	File ops, browser, APIs	Full code review required
🔴 HIGH	Credentials, trading, system	Human approval required
⛔ EXTREME	Security configs, root access	Do NOT install

Output Format

After vetting, produce this report:

SKILL VETTING REPORT
═══════════════════════════════════════
Skill: [name]
Source: [ClawdHub / GitHub / other]
Author: [username]
Version: [version]
───────────────────────────────────────
METRICS:
• Downloads/Stars: [count]
• Last Updated: [date]
• Files Reviewed: [count]
───────────────────────────────────────
RED FLAGS: [None / List them]

PERMISSIONS NEEDED:
• Files: [list or "None"]
• Network: [list or "None"]  
• Commands: [list or "None"]
───────────────────────────────────────
RISK LEVEL: [🟢 LOW / 🟡 MEDIUM / 🔴 HIGH / ⛔ EXTREME]

VERDICT: [✅ SAFE TO INSTALL / ⚠️ INSTALL WITH CAUTION / ❌ DO NOT INSTALL]

NOTES: [Any observations]
═══════════════════════════════════════

Quick Vet Commands

For GitHub-hosted skills:

# Check repo stats
curl -s "https://api.github.com/repos/OWNER/REPO" | jq '{stars: .stargazers_count, forks: .forks_count, updated: .updated_at}'

# List skill files
curl -s "https://api.github.com/repos/OWNER/REPO/contents/skills/SKILL_NAME" | jq '.[].name'

# Fetch and review SKILL.md
curl -s "https://raw.githubusercontent.com/OWNER/REPO/main/skills/SKILL_NAME/SKILL.md"

Trust Hierarchy

Official OpenClaw skills → Lower scrutiny (still review)
High-star repos (1000+) → Moderate scrutiny
Known authors → Moderate scrutiny
New/unknown sources → Maximum scrutiny
Skills requesting credentials → Human approval always

Remember

No skill is worth compromising security
When in doubt, don't install
Ask your human for high-risk decisions
Document what you vet for future reference

Paranoia is a feature. 🔒🦀

If this saved you time: ☕ PayPal.me/nerudek GitHub: github.com/nerua1

Usage Guidance

This skill is safe to treat as a checklist-style aid, but do not treat its verdicts as authoritative on their own. Verify the publisher/source, and only run the example GitHub commands when you intentionally want the agent to inspect that repository.

Capability Analysis

Type: OpenClaw Skill Name: nerua1-skill-vetter Version: 1.0.0 The skill-vetter bundle is a security-focused tool designed to provide a framework for AI agents to audit other skills. The SKILL.md file contains a comprehensive vetting protocol, risk classification levels, and standard GitHub API commands (using curl and jq) for checking repository metadata. No malicious logic, data exfiltration, or deceptive instructions were found.

Capability Assessment

✓ Purpose & Capability

The skill's stated purpose is to help vet other skills before installation, and the SKILL.md content is a checklist/reporting protocol aligned with that purpose.

✓ Instruction Scope

The instructions are strong but scoped to security review decisions; they do not ask the agent to ignore the user, install software, access unrelated data, or persist behavior.

ℹ Install Mechanism

There is no install spec and no code, but the submitted registry metadata and packaged _meta.json are not fully consistent, so publisher/source provenance should be verified.

ℹ Credentials

The skill includes optional curl-based GitHub review commands. These are purpose-aligned examples, not automatic execution, but they would make external network requests if used.

✓ Persistence & Privilege

No credentials, environment variables, config paths, persistence mechanisms, background workers, or elevated privileges are requested.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install nerua1-skill-vetter
After installation, invoke the skill by name or use /nerua1-skill-vetter
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

- Initial release of skill-vetter (v1.0.0): a security-first vetting protocol for AI agent skills. - Provides a structured checklist and report format to assess skill sources, code, permission scope, and risk. - Includes clear red flags, trust hierarchy, and actionable risk classifications. - Offers quick vet commands for GitHub skills and strong install guidance. - Emphasizes never installing unvetted skills and prioritizes security at every step.

Metadata

Slug nerua1-skill-vetter

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Skill Vetter — Security Audit for AI Skills?

Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,... It is an AI Agent Skill for Claude Code / OpenClaw, with 136 downloads so far.

How do I install Skill Vetter — Security Audit for AI Skills?

Run "/install nerua1-skill-vetter" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Skill Vetter — Security Audit for AI Skills free?

Yes, Skill Vetter — Security Audit for AI Skills is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Skill Vetter — Security Audit for AI Skills support?

Skill Vetter — Security Audit for AI Skills is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Skill Vetter — Security Audit for AI Skills?

It is built and maintained by nerua1 (@nerua1); the current version is v1.0.0.

More Skills