← Back to Skills Marketplace

SkillScout

Name: SkillScout
Author: nashbot67

by nashbot67 · GitHub ↗ · v0.1.0

cross-platform ⚠ suspicious

431

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install skillscout

Description

Find and evaluate OpenClaw AI skills by trust score and security reviews before installation or recommendation.

Usage Guidance

What to consider before using or installing SkillScout: - Treat the repo as potentially active code: although SKILL.md is brief, the project includes scripts and a server package that will fetch code and write files. Do not run anything blindly. - SKILL.md examples use curl, python3, and npx, but the registry metadata lists no required binaries. If you plan to follow examples, ensure those tools are available and inspect any remote URLs first. - The catalog is hosted on an external static site (https://nashbot67.github.io/...). Verify you trust that domain and the JSON it serves before piping it into commands. If possible, fetch and inspect the JSON locally instead of executing it immediately. - The project claims an isolated, read-only review agent, but the repo contains fetch-and-write scripts — confirm how the review agent is actually invoked and whether network access is used in your environment. - If you want to run the MCP server (npx @skillscout/mcp): inspect the package on npm (confirm publisher identity), review its code, and run it in a sandbox or ephemeral environment first. - Prefer manual code review of the scripts (fetch-skill.sh, review-skill.sh, harden-skill.sh, mcp-server) before executing them. Look for any commands that download archives, run installs, or execute unverified code. If you want, I can: - List the exact shell commands and files in the repo that perform network or filesystem operations. - Extract and show the curl/npx/python usage lines so you can inspect the remote endpoints before running them. - Suggest a safe sequence to test the tool in a sandbox (Docker container) and what to watch for.

Capability Analysis

Type: OpenClaw Skill Name: skillscout Version: 0.1.0 The SkillScout bundle, despite its stated goal of enhancing security, contains several critical vulnerabilities. The `SKILL.md` file includes a `curl | python3 -c` command that is vulnerable to remote code execution if the remote JSON file is compromised or if the `QUERY` argument is maliciously crafted. Furthermore, the `scripts/fetch-skill.sh` script is susceptible to shell injection and path traversal via unsanitized user input when constructing `gh api` commands and `curl` URLs. Both `mcp-server/index.js` and `mcp/server.js` generate `npx clawhub@latest install` commands with unsanitized skill names, creating a prompt injection vector against any agent that executes their output. These flaws could lead to arbitrary code execution on the host system, classifying the bundle as suspicious due to severe vulnerabilities, not intentional malice.

Capability Assessment

ℹ Purpose & Capability

The name/description (find and evaluate skills) aligns with the included files: a static-site dataset, review templates, an MCP server, and helper scripts for fetching and reviewing skills. However the SKILL metadata claims 'instruction-only' and lists no required binaries/env, while SKILL.md and the repo clearly rely on external tooling (curl, python3, npx) and network-hosted JSON (nashbot67.github.io). That omission is an incoherence the user should know about.

⚠ Instruction Scope

SKILL.md itself gives simple on-the-wire usage (curl → parse JSON, and 'npx @skillscout/mcp'). The repository contains many scripts (fetch-skill.sh, review-skill.sh, harden-skill.sh, batch-review.sh) that perform network fetches and write files; those behaviors are not reflected in the minimal SKILL.md or metadata. The ARCHITECTURE.md claims a read-only, no-network review agent, but the surrounding scripts indicate the project fetches remote skill sources and writes artifacts to disk — this is scope creep vs the runtime instructions shown to users.

ℹ Install Mechanism

There is no declared install spec (lowest-risk surface), but SKILL.md recommends running 'npx @skillscout/mcp' and uses curl/python3 in examples. Running the MCP package (if you do) would execute code pulled from npm; the repository also contains server code (mcp-server) and scripts that download and write files. Absence of an explicit install section and missing declaration of required tools is inconsistent and increases operational risk if users execute the provided commands without inspection.

ℹ Credentials

The skill declares no required environment variables or credentials, which is appropriate for a read-only catalog. But the catalog and scripts reference external APIs and processed skills that themselves may require credentials (the included skills.json entries show many skills with 'credentials' permissions). The SkillScout package does not request secrets up front, but running its scripts or the MCP server could lead you to provide API keys for downstream skills — be mindful those are for the target skills, not SkillScout itself.

⚠ Persistence & Privilege

always:false (good). Still, multiple examples and scripts in the repo show writing files to user locations (e.g., creating ~/.config/... for reviewed skills). If you run the provided scripts or the MCP server they may persist downloaded skill artifacts and fetched docs locally. The SKILL metadata did not surface that behavior — users should expect the tool to write files and to run network operations if they invoke it.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install skillscout
After installation, invoke the skill by name or use /skillscout
Provide required inputs per the skill's parameter spec and get structured output

Version History

v0.1.0

SkillScout 0.1.0 — Initial release - Launches a centralized catalog to check trustworthiness of OpenClaw AI agent skills before installation. - Offers a simple curl+python command-line search for skills and trust ratings. - Provides detailed skill lookup and trust score breakdown (Safe, Caution, Avoid). - Describes multi-step review process: blocklist scan, AI code review, STRIDE threat analysis, human approval. - Includes full catalog and API endpoints for easy browsing and integration.

Metadata

Slug skillscout

Version 0.1.0

License —

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is SkillScout?

Find and evaluate OpenClaw AI skills by trust score and security reviews before installation or recommendation. It is an AI Agent Skill for Claude Code / OpenClaw, with 431 downloads so far.

How do I install SkillScout?

Run "/install skillscout" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is SkillScout free?

Yes, SkillScout is completely free (open-source). You can download, install and use it at no cost.

Which platforms does SkillScout support?

SkillScout is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created SkillScout?

It is built and maintained by nashbot67 (@nashbot67); the current version is v0.1.0.

More Skills