atlaszj

Skill Vetter

by 十三香小精灵 · GitHub ↗ · v1.2.0 · MIT-0
cross-platform ⚠ suspicious
Downloads: 77 · Stars: 0 · Active Installs: 0 · Versions: 1
Install in OpenClaw
/install skill-vetter-hermes
Description
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
Usage Guidance
This package appears to be a vetting checklist and integration plan, not a complete, self-contained scanner. Before you run or integrate it:
  1. Do not run any suggested modification commands that edit clawhub or system files without inspecting the exact changes.
  2. Ask the publisher for the missing skill_vetter.ps1 (or the actual scanner binary) and review its source before executing it.
  3. Confirm whether the scanner needs to read token files or other credentials; never give it access to your Clawhub token or ~/.openclaw workspace without manual review.
  4. If you want a vetting workflow, prefer a vetted, signed scanner distributed from an official source (or run any new scanner inside an isolated sandbox/VM).
  5. If you plan to integrate auto-blocking into clawhub, require a human review step and code review of the exact patch to clawhub's CLI rather than applying opaque instructions from this package.
Capability Analysis
Type: OpenClaw Skill
Name: skill-vetter-hermes
Version: 1.2.0
The skill-vetter bundle is a security utility designed to audit and vet other OpenClaw skills before installation. It provides a structured protocol for AI agents to identify 'red flags' such as credential theft, obfuscated code, and unauthorized network access. While the instructions in SKILL.md include shell commands (curl, jq) to fetch metadata and content from GitHub (api.github.com, raw.githubusercontent.com), these actions are strictly aligned with the stated purpose of remote skill auditing. No evidence of malicious intent, data exfiltration, or harmful prompt injection was found.
Capability Assessment
Purpose & Capability
The name/description (skill vetting) matches the instructions in SKILL.md. However, the package metadata (package.json main -> skill_vetter.ps1, and INTEGRATION_REPORT.md, which references a PowerShell scanner) describes an executable that is not present in the manifest. The docs also describe modifying clawhub internals to integrate the scanner, a capability beyond a simple instruction-only vetting guide. This mismatch (claims of an executable plus integration hooks vs. no actual executable files) is incoherent and should be explained by the author.
Instruction Scope
SKILL.md tells an agent to read ALL files of target skills and includes explicit integration hooks that modify the clawhub install path and auto-block installs. It also references reading/writing token locations and workspace paths. Those instructions go beyond passive vetting guidance and would require filesystem access and changes to other tooling; they grant broad authority and should not be executed blindly. The skill also instructs auto-blocking installs with no UI confirmation in some cases.
Install Mechanism
There is no install spec and no code files included in the package (instruction-only). That is the lowest-risk install model — nothing in the package will be written to disk by an installer. However the documentation expects an external PowerShell script (skill_vetter.ps1) to exist for actual scanning; because that script is missing, any attempt to follow integration steps would require obtaining and running external code (higher risk).
Credentials
The skill declares no required env vars or credentials, but the docs reference environment variable CLAWHUB_SKILL_VETTER, a Clawhub token path (C:\Users\atlas\.clawhub\token), and default workspace locations. The instructions would have agents read or modify user workspace and CLI installation paths and potentially access saved tokens — access to these secrets/configs is not declared or justified in metadata.
Persistence & Privilege
SKILL.md describes modifying clawhub's installation flow (editing cli/commands/skills.js) to call the scanner before installs and to auto-block. That requires modifying other software and granting persistent influence over future installs. The skill metadata does not request or justify such persistence or elevated privileges. While always:false and autonomous invocation are normal, the skill's own instructions attempt to create permanent hooks into the package manager, which is a privilege escalation risk if followed.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install skill-vetter-hermes
  3. After installation, invoke the skill by name or use /skill-vetter-hermes
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.0
**Major update: automatic blocking of high-risk skills and stricter security protocol.**
- Introduced a 2-level trust hierarchy for skill vetting (OFFICIAL vs COMMUNITY skills).
- Added automatic blocking of HIGH and EXTREME risk skills from community/unknown sources.
- Scan failures now block installation by default.
- Updated output/reporting format to clearly show trust and risk levels.
- Enhanced documentation and integration instructions for use with clawhub installation.
- Added new project and integration files: origin.json, INTEGRATION_REPORT.md, PUBLISH_GUIDE.md, etc.
Metadata
Slug skill-vetter-hermes
Version 1.2.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Skill Vetter?

Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,... It is an AI Agent Skill for Claude Code / OpenClaw, with 77 downloads so far.

How do I install Skill Vetter?

Run "/install skill-vetter-hermes" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Skill Vetter free?

Yes, Skill Vetter is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Skill Vetter support?

Skill Vetter is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Skill Vetter?

It is built and maintained by 十三香小精灵 (@atlaszj); the current version is v1.2.0.
