← Back to Skills Marketplace
1494
Downloads
1
Stars
2
Active Installs
3
Versions
Install in OpenClaw
/install openclaw-arbiter
Description
Audit installed skill permissions: detect network access, subprocess execution, file writes, unsafe deserialization, and environment variable usage. Permission matrix for every skill in your workspace. Free alert layer — upgrade to openclaw-arbiter-pro for revocation, quarantine, and policy enforcement.
Usage Guidance
This appears to be a legitimate offline permission auditor. Before installing or running it: (1) Review the scripts/arbiter.py file yourself (or inspect it with a diff) to confirm there are no unexpected network calls or obfuscated code. (2) Run only read-only operations first (audit, report, status) to see findings without making changes. (3) Do not run quarantine/revoke/enforce unless you have a current backup of your workspace and understand the changes they perform. (4) If you plan to automate or grant agent autonomy, be cautious: although always:false, an agent could be instructed to run enforcement commands which will modify or remove other skills. (5) If you need higher assurance, run the tool in an isolated environment (container or VM) and grep for network-related modules/URLs before trusting it with enforcement operations.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-arbiter
Version: 1.0.2
The OpenClaw Arbiter skill is a security tool designed to audit and enforce permissions for other agent skills. It transparently declares its purpose to detect risky operations (like network calls, subprocess execution, and unsafe deserialization) in other skills. The `scripts/arbiter.py` code accurately implements this functionality, performing file system operations (renaming, copying, deleting directories) only for its stated defensive features like quarantining and revoking skills, all within the designated workspace. It adheres to its claim of having no external dependencies and making no network calls. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, prompt injection attempts against the agent, or obfuscation. The powerful file system operations are integral to its security function and are not used for malicious intent.
Capability Assessment
Purpose & Capability
Name/description (permission auditor) matches what the package contains: a Python script that scans SKILL.md and code for network, subprocess, file I/O, env access, and unsafe deserialization patterns. The only required binary is python3, which is appropriate.
Instruction Scope
SKILL.md instructs running the arbiter against a workspace path; the tool legitimately needs to read skill directories and files to do its job. However the tool also exposes enforcement commands (quarantine, revoke, enforce, protect) which modify skills; SKILL.md/README mention those are 'Pro' features but the script contains them. Auditing (read-only) is expected; modifying/quarantining is a larger scope and should be used with care.
Install Mechanism
No install spec; the repo contains a single Python script and docs and claims to use only the standard library. That is low-risk compared with downloads or remote installers.
Credentials
The skill requests no environment variables or credentials, which is proportionate to an offline code-auditor. The script's detection patterns include environment access checks but it does not require any secrets.
Persistence & Privilege
always:false and agent-invocable:true (normal). But the tool implements commands that modify other skills (quarantine, revoke, enforce, protect) which grant it the ability to rename/move/delete skill directories when invoked. This is coherent for an enforcement tool but is a high-impact capability — ensure you run it intentionally and back up the workspace before using enforcement actions.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-arbiter - After installation, invoke the skill by name or use
/openclaw-arbiter - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
openclaw-arbiter 1.0.2
- Removed premium feature references from documentation to streamline messaging.
- Updated SKILL.md: eliminated mention of "openclaw-arbiter-pro" and enforcement capabilities.
- No functional code changes; all updates are documentation-only.
v1.0.1
openclaw-arbiter v1.0.1
- Documentation updated in README.md; no functional or code changes.
- Clarifications and improvements to instructions and usage details.
v1.0.0
- Initial release of openclaw-arbiter
- Audits all installed skills for usage of network, subprocess, file writes, unsafe deserialization, and environment variables
- Generates a permission matrix for every skill in the workspace
- Provides command-line tools for full audits, single-skill audits, permission reports, and quick status checks
- Detects and categorizes risks by severity with clear exit codes
- Runs locally with no external dependencies (Python standard library only)
- Supports darwin, linux, and win32 platforms
Metadata
Frequently Asked Questions
What is Openclaw Arbiter?
Audit installed skill permissions: detect network access, subprocess execution, file writes, unsafe deserialization, and environment variable usage. Permission matrix for every skill in your workspace. Free alert layer — upgrade to openclaw-arbiter-pro for revocation, quarantine, and policy enforcement. It is an AI Agent Skill for Claude Code / OpenClaw, with 1494 downloads so far.
How do I install Openclaw Arbiter?
Run "/install openclaw-arbiter" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Openclaw Arbiter free?
Yes, Openclaw Arbiter is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Openclaw Arbiter support?
Openclaw Arbiter is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux, win32).
Who created Openclaw Arbiter?
It is built and maintained by AtlasPA (@atlaspa); the current version is v1.0.2.
More Skills