← Back to Skills Marketplace
571
Downloads
0
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install hsyhp-skill-vetter
Description
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
README (SKILL.md)
Skill Vetter 🔒
Security-first vetting protocol for AI agent skills. Never install a skill without vetting it first.
When to Use
- Before installing any skill from ClawdHub
- Before running skills from GitHub repos
- When evaluating skills shared by other agents
- Anytime you're asked to install unknown code
Vetting Protocol
Step 1: Source Check
Questions to answer:
- [ ] Where did this skill come from?
- [ ] Is the author known/reputable?
- [ ] How many downloads/stars does it have?
- [ ] When was it last updated?
- [ ] Are there reviews from other agents?
Step 2: Code Review (MANDATORY)
Read ALL files in the skill. Check for these RED FLAGS:
🚨 REJECT IMMEDIATELY IF YOU SEE:
─────────────────────────────────────────
• curl/wget to unknown URLs
• Sends data to external servers
• Requests credentials/tokens/API keys
• Reads ~/.ssh, ~/.aws, ~/.config without clear reason
• Accesses MEMORY.md, USER.md, SOUL.md, IDENTITY.md
• Uses base64 decode on anything
• Uses eval() or exec() with external input
• Modifies system files outside workspace
• Installs packages without listing them
• Network calls to IPs instead of domains
• Obfuscated code (compressed, encoded, minified)
• Requests elevated/sudo permissions
• Accesses browser cookies/sessions
• Touches credential files
─────────────────────────────────────────
Step 3: Permission Scope
Evaluate:
- [ ] What files does it need to read?
- [ ] What files does it need to write?
- [ ] What commands does it run?
- [ ] Does it need network access? To where?
- [ ] Is the scope minimal for its stated purpose?
Step 4: Risk Classification
| Risk Level | Examples | Action |
|---|---|---|
| 🟢 LOW | Notes, weather, formatting | Basic review, install OK |
| 🟡 MEDIUM | File ops, browser, APIs | Full code review required |
| 🔴 HIGH | Credentials, trading, system | Human approval required |
| ⛔ EXTREME | Security configs, root access | Do NOT install |
Output Format
After vetting, produce this report:
SKILL VETTING REPORT
═══════════════════════════════════════
Skill: [name]
Source: [ClawdHub / GitHub / other]
Author: [username]
Version: [version]
───────────────────────────────────────
METRICS:
• Downloads/Stars: [count]
• Last Updated: [date]
• Files Reviewed: [count]
───────────────────────────────────────
RED FLAGS: [None / List them]
PERMISSIONS NEEDED:
• Files: [list or "None"]
• Network: [list or "None"]
• Commands: [list or "None"]
───────────────────────────────────────
RISK LEVEL: [🟢 LOW / 🟡 MEDIUM / 🔴 HIGH / ⛔ EXTREME]
VERDICT: [✅ SAFE TO INSTALL / ⚠️ INSTALL WITH CAUTION / ❌ DO NOT INSTALL]
NOTES: [Any observations]
═══════════════════════════════════════
Quick Vet Commands
For GitHub-hosted skills:
# Check repo stats
curl -s "https://api.github.com/repos/OWNER/REPO" | jq '{stars: .stargazers_count, forks: .forks_count, updated: .updated_at}'
# List skill files
curl -s "https://api.github.com/repos/OWNER/REPO/contents/skills/SKILL_NAME" | jq '.[].name'
# Fetch and review SKILL.md
curl -s "https://raw.githubusercontent.com/OWNER/REPO/main/skills/SKILL_NAME/SKILL.md"
Trust Hierarchy
- Official OpenClaw skills → Lower scrutiny (still review)
- High-star repos (1000+) → Moderate scrutiny
- Known authors → Moderate scrutiny
- New/unknown sources → Maximum scrutiny
- Skills requesting credentials → Human approval always
Remember
- No skill is worth compromising security
- When in doubt, don't install
- Ask your human for high-risk decisions
- Document what you vet for future reference
Paranoia is a feature. 🔒🦀
Usage Guidance
This skill is a checklist-only vetter and appears coherent and low-risk. Before relying on it: (1) verify the vetter's own source — a vetting tool should itself be reviewed; (2) restrict the agent's file/network permissions while running automated vetting so it can't read unrelated system files; (3) when the vetter recommends rejecting a skill, manually confirm any high-risk claims (e.g., network exfiltration, credential access) before denying or permitting installation.
Capability Analysis
Type: OpenClaw Skill
Name: hsyhp-skill-vetter
Version: 1.0.0
The skill-vetter bundle is a defensive tool designed to provide a structured security vetting protocol for AI agents. It contains instructions (SKILL.md) for identifying red flags such as data exfiltration, unauthorized file access, and obfuscated code. The included shell commands are limited to fetching repository metadata and file contents from GitHub for inspection purposes, aligning perfectly with its stated goal of security-first vetting.
Capability Assessment
Purpose & Capability
Name/description match the content: SKILL.md provides a step-by-step vetting protocol and quick commands for inspecting GitHub-hosted skills. It does not request unrelated credentials, binaries, or installs.
Instruction Scope
Instructions focus on reviewing skill files, checking repo metadata, and searching for red flags. This is appropriate for a vetting tool. Note: the doc tells the agent to "read ALL files in the skill" and to use network curl commands to fetch GitHub content — both are expected for code review but could be misused if the agent is permitted to read arbitrary system paths. The skill itself does not instruct access to system dirs beyond inspecting the skill package.
Install Mechanism
No install spec and no code files — lowest-risk form. There is no download or extraction, so nothing will be written to disk by the skill itself.
Credentials
Requires no environment variables, no credentials, and no config paths. The guidance to query GitHub APIs implies network access but nothing that requires secrets.
Persistence & Privilege
always:false and no instructions to modify agent or system configuration. Normal autonomous invocation is allowed but not excessive for this skill's function.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install hsyhp-skill-vetter - After installation, invoke the skill by name or use
/hsyhp-skill-vetter - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Skill Vetter v1.0.0 – Initial Release
- Introduces a security-first protocol for vetting AI agent skills before installation.
- Provides a structured, step-by-step vetting process: source check, code review, permission scope evaluation, and risk classification.
- Defines clear red flags and suspicious patterns to look for during code review.
- Includes a standardized output format for vetting reports.
- Offers quick vetting commands and a trust hierarchy for assessing skill sources.
- Emphasizes strict caution and documentation when handling untrusted or sensitive skills.
Metadata
Frequently Asked Questions
What is Skill Vetter?
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,... It is an AI Agent Skill for Claude Code / OpenClaw, with 571 downloads so far.
How do I install Skill Vetter?
Run "/install hsyhp-skill-vetter" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skill Vetter free?
Yes, Skill Vetter is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Skill Vetter support?
Skill Vetter is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Skill Vetter?
It is built and maintained by hsyhph (@hsyhph); the current version is v1.0.0.
More Skills