← Back to Skills Marketplace
shifulegend

Install Shared Skill

by ssshhh · GitHub ↗ · v0.1.2
cross-platform ⚠ suspicious
370
Downloads
0
Stars
1
Active Installs
3
Versions
Install in OpenClaw
/install install-shared-skill
Description
Install OpenClaw skills at the local/system level so they are shared by all agents. Uses the clawhub CLI to fetch and install skills into the global OpenClaw...
README (SKILL.md)

Shared Skill Installer (ClawHub)

Tool: install_skill

Install a skill using the clawhub CLI.

Parameters:

  • skill_name (string, required): The name of the skill to install

Behavior:

  • Executes: clawhub install \x3Cskill_name> --workdir ./
  • Returns the raw terminal output (stdout + stderr) as the tool result
  • Non-zero exit codes are captured and returned as part of the output

Example usage:

/install_skill nano-pdf

This runs: clawhub install nano-pdf --workdir ./

Tool: install_shared_skill

Alias of install_skill — identical functionality.

Parameters:

  • skill_name (string, required): The name of the skill to install

Behavior:

  • Executes: clawhub install \x3Cskill_name> --workdir ./
  • Returns the raw terminal output (stdout + stderr) as the tool result

Example usage:

/install_shared_skill nano-pdf

This runs: clawhub install nano-pdf --workdir ./

Usage Guidance
Key things to consider before installing: (1) Verify you actually have and trust the `clawhub` CLI on the host; the skill will run it but does not declare that dependency. (2) The code uses string-based shell execution with the provided skill_name; if the agent or a user can supply a crafted skill name, that can lead to command injection (e.g., names containing `;` or `&&`). Prefer a version that spawns the command with arguments (no shell) or validates/whitelists skill names. (3) The skill advertises 'shared/system' installs but the implementation uses the current workspace (OPENCLAW_WORKSPACE or cwd) — expect it to be workspace-scoped unless you inspect/modify the code. (4) Because the agent can invoke this tool autonomously, consider disabling autonomous invocation for this skill or require human confirmation for install actions. (5) If you still want to use it, review or replace the helper scripts so they call `execFile`/spawn with separate args, explicitly require or validate the `clawhub` path, and avoid using undeclared environment variables.
Capability Analysis
Type: OpenClaw Skill Name: install-shared-skill Version: 0.1.2 The skill bundle contains a critical command injection vulnerability in both tools/install_skill.js and tools/install_shared_skill.js. The code uses child_process.exec to run a shell command constructed with unsanitized input from the skill_name parameter, allowing for arbitrary remote code execution (RCE). While the tool's stated purpose is to facilitate skill installation via the clawhub CLI, the lack of input validation makes it highly dangerous.
Capability Assessment
Purpose & Capability
The skill is named and described as installing skills at the local/system (shared) level, but both SKILL.md and the tools run `clawhub install <skill_name> --workdir ./` in the current workspace (or OPENCLAW_WORKSPACE). That behavior installs into a working directory, not necessarily a global/system-wide location. Additionally, the skill calls the external `clawhub` CLI but the manifest declares no required binaries — this is an undeclared runtime dependency.
Instruction Scope
The tool implementations build a single-shell command string and call child_process.exec with the raw skill_name interpolated: `clawhub install ${skillName} --workdir ./`. There is no validation/sanitization of skill_name, so a crafted skill_name could inject arbitrary shell commands. The scripts also read process.env.OPENCLAW_WORKSPACE for cwd (an environment variable that was not declared in requires.env). The instructions otherwise do not read unrelated files or post data externally.
Install Mechanism
This is an instruction-only skill with small included Node.js helper scripts; there is no external download or archive extraction. Nothing in the install spec writes arbitrary content to disk beyond executing the local clawhub CLI. That is lower-risk than arbitrary remote downloads, but it still depends on an external CLI being present and trusted.
Credentials
No credentials or environment variables are declared, yet the tool code reads OPENCLAW_WORKSPACE to set the working directory and implicitly relies on the system PATH to find `clawhub`. The skill therefore accesses an undeclared env var and an undeclared binary dependency. While no secrets are requested, the undeclared env/binary usage is disproportionate to the manifest.
Persistence & Privilege
always is false and the skill does not request permanent platform-wide privileges. However, because the skill can be invoked by the agent (disable-model-invocation is false by default) and it executes shell commands with unsanitized input, autonomous invocation increases the blast radius. The skill also claims to perform a global/shared install but in practice uses the current workspace, so it does not actually require elevated persistence.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install install-shared-skill
  3. After installation, invoke the skill by name or use /install-shared-skill
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.2
fix: use exact command clawhub install <skill> --workdir ./
v0.1.1
docs: add user-invocable metadata to frontmatter
v0.1.0
Initial release: system-level skill installer using clawhub
Metadata
Slug install-shared-skill
Version 0.1.2
License
All-time Installs 1
Active Installs 1
Total Versions 3
Frequently Asked Questions

What is Install Shared Skill?

Install OpenClaw skills at the local/system level so they are shared by all agents. Uses the clawhub CLI to fetch and install skills into the global OpenClaw... It is an AI Agent Skill for Claude Code / OpenClaw, with 370 downloads so far.

How do I install Install Shared Skill?

Run "/install install-shared-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Install Shared Skill free?

Yes, Install Shared Skill is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Install Shared Skill support?

Install Shared Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Install Shared Skill?

It is built and maintained by ssshhh (@shifulegend); the current version is v0.1.2.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments