← Back to Skills Marketplace
liomichan

Testskill

by Liomichan · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security Clean
164
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install skill-vetter-liomi
Description
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
Usage Guidance
This skill is a coherent, instruction-only 'vetter' and appears to do what it says: guide an agent/human through reviewing other skills. Before you rely on it, remember: (1) it tells the agent to read files and run curl against GitHub — ensure the agent is sandboxed and has only the minimal permissions needed; (2) it does not supply automated deep-detection: it cannot guarantee detection of obfuscated binaries or hidden native installers — manual review and runtime sandboxing are still necessary; (3) if you or your agent run the GitHub API commands with authentication, that will use your tokens/credentials — the skill doesn't require them but could operate using them if available, so limit token scopes; (4) follow its own advice: check install scripts, network endpoints, and any requests for credentials before installing a skill. Overall this skill is useful and proportionate, but it's an advisory tool — not a substitute for careful manual review and sandbox testing.
Capability Analysis
Type: OpenClaw Skill Name: skill-vetter-liomi Version: 1.0.0 The skill-vetter bundle is a security-focused instruction set (SKILL.md) designed to guide an AI agent through a vetting protocol for other skills. It includes a comprehensive checklist of red flags, risk levels, and reporting templates. The provided shell commands are limited to fetching metadata and file contents from GitHub for analysis purposes and do not involve executing untrusted code.
Capability Assessment
Purpose & Capability
Name and description (skill vetting) align with the SKILL.md content. The runtime instructions explain how to review repos, list files, and check for red flags — all directly relevant to a vetter.
Instruction Scope
Instructions ask the agent to read all files of the target skill and to use GitHub API / raw.githubusercontent curl commands for GitHub-hosted skills. Reading a skill's files is necessary for vetting, but it requires the agent to have file/network access and adequate sandboxing; the instruction text does not itself request unrelated system secrets. Be aware 'Read ALL files' is broad and depends on the agent's execution privileges.
Install Mechanism
No install spec and no code files — instruction-only skill. This is the lowest-risk install mechanism; nothing is written to disk by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. The quick-commands use public GitHub APIs; they do not require tokens (though using authenticated queries would if the agent chooses to).
Persistence & Privilege
always is false and there is no install/persistence behavior. The skill can be invoked by the agent (normal), but it does not request or modify other skills or system-wide settings.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install skill-vetter-liomi
  3. After installation, invoke the skill by name or use /skill-vetter-liomi
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of skill-vetter. - Provides a security-first vetting protocol for AI agent skills. - Guides users through source verification, mandatory code review, permission assessment, and risk classification. - Supplies a standard output/report format for skill vetting. - Includes quick vet commands and a trust hierarchy for decision-making. - Adds _meta.json file for skill metadata.
Metadata
Slug skill-vetter-liomi
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Testskill?

Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,... It is an AI Agent Skill for Claude Code / OpenClaw, with 164 downloads so far.

How do I install Testskill?

Run "/install skill-vetter-liomi" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Testskill free?

Yes, Testskill is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Testskill support?

Testskill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Testskill?

It is built and maintained by Liomichan (@liomichan); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments