← Back to Skills Marketplace
408
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install nidhov01-skill-vetter
Description
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
Usage Guidance
This skill is a coherent, conservative vetting checklist and safe as an instruction-only helper. Before using it, ensure the agent has only the minimum permissions needed to fetch and inspect candidate skill repositories (network access and read access to the skill package). Remember: vetting a skill via these checks does not sandbox or prevent a vetted skill from later performing malicious actions at runtime — for higher-risk skills manually review code, prefer running them in isolated sandboxes, verify releases/tags on authoritative repos, and require human approval for any skill that requests credentials or system access.
Capability Analysis
Type: OpenClaw Skill
Name: nidhov01-skill-vetter
Version: 1.0.0
The 'skill-vetter' bundle is a security-oriented tool designed to provide a vetting protocol for AI agents to evaluate other skills before installation. The SKILL.md file contains instructions, checklists, and template reports focused on identifying red flags such as data exfiltration, unauthorized credential access, and obfuscated code, with no evidence of malicious intent or harmful commands.
Capability Assessment
Purpose & Capability
Name/description claim to vet skills; SKILL.md only contains guidance and commands to fetch and inspect skill repos (e.g., GitHub API curl examples). It does not request unrelated credentials, binaries, or installs — this is proportionate for a vetting tool.
Instruction Scope
Instructions require reading all files of the target skill and optionally making network calls to GitHub (via curl examples). That is appropriate for vetting, but it assumes the agent has permission to fetch remote repos and to read the skill package being evaluated. The instructions do not tell the agent to read unrelated host secrets itself; they only flag those paths as items to check in target skills.
Install Mechanism
No install spec and no code files — instruction-only. This minimizes installation risk because nothing is written to disk by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. The checklist mentions sensitive paths as red flags for target skills, but does not request access to them for itself.
Persistence & Privilege
always is false and default autonomy is unchanged. The skill does not request persistent/system-wide changes or elevated privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install nidhov01-skill-vetter - After installation, invoke the skill by name or use
/nidhov01-skill-vetter - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Fork - 2026.3.16
Metadata
Frequently Asked Questions
What is Skill Vetter?
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,... It is an AI Agent Skill for Claude Code / OpenClaw, with 408 downloads so far.
How do I install Skill Vetter?
Run "/install nidhov01-skill-vetter" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skill Vetter free?
Yes, Skill Vetter is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Skill Vetter support?
Skill Vetter is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Skill Vetter?
It is built and maintained by nidhov01 (@nidhov01); the current version is v1.0.0.
More Skills