← Back to Skills Marketplace
Claw Skill Vetter Pro
by
Williamwang-wh
· GitHub ↗
· v1.0.0
· MIT-0
170
Downloads
0
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install claw-skill-vetter-pro
Description
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
README (SKILL.md)
Skill Vetter 🔒
Security-first vetting protocol for AI agent skills. Never install a skill without vetting it first.
When to Use
- Before installing any skill from ClawdHub
- Before running skills from GitHub repos
- When evaluating skills shared by other agents
- Anytime you're asked to install unknown code
Vetting Protocol
Step 1: Source Check
Questions to answer:
- [ ] Where did this skill come from?
- [ ] Is the author known/reputable?
- [ ] How many downloads/stars does it have?
- [ ] When was it last updated?
- [ ] Are there reviews from other agents?
Step 2: Code Review (MANDATORY)
Read ALL files in the skill. Check for these RED FLAGS:
🚨 REJECT IMMEDIATELY IF YOU SEE:
─────────────────────────────────────────
• curl/wget to unknown URLs
• Sends data to external servers
• Requests credentials/tokens/API keys
• Reads ~/.ssh, ~/.aws, ~/.config without clear reason
• Accesses MEMORY.md, USER.md, SOUL.md, IDENTITY.md
• Uses base64 decode on anything
• Uses eval() or exec() with external input
• Modifies system files outside workspace
• Installs packages without listing them
• Network calls to IPs instead of domains
• Obfuscated code (compressed, encoded, minified)
• Requests elevated/sudo permissions
• Accesses browser cookies/sessions
• Touches credential files
─────────────────────────────────────────
Step 3: Permission Scope
Evaluate:
- [ ] What files does it need to read?
- [ ] What files does it need to write?
- [ ] What commands does it run?
- [ ] Does it need network access? To where?
- [ ] Is the scope minimal for its stated purpose?
Step 4: Risk Classification
| Risk Level | Examples | Action |
|---|---|---|
| 🟢 LOW | Notes, weather, formatting | Basic review, install OK |
| 🟡 MEDIUM | File ops, browser, APIs | Full code review required |
| 🔴 HIGH | Credentials, trading, system | Human approval required |
| ⛔ EXTREME | Security configs, root access | Do NOT install |
Output Format
After vetting, produce this report:
SKILL VETTING REPORT
═══════════════════════════════════════
Skill: [name]
Source: [ClawdHub / GitHub / other]
Author: [username]
Version: [version]
───────────────────────────────────────
METRICS:
• Downloads/Stars: [count]
• Last Updated: [date]
• Files Reviewed: [count]
───────────────────────────────────────
RED FLAGS: [None / List them]
PERMISSIONS NEEDED:
• Files: [list or "None"]
• Network: [list or "None"]
• Commands: [list or "None"]
───────────────────────────────────────
RISK LEVEL: [🟢 LOW / 🟡 MEDIUM / 🔴 HIGH / ⛔ EXTREME]
VERDICT: [✅ SAFE TO INSTALL / ⚠️ INSTALL WITH CAUTION / ❌ DO NOT INSTALL]
NOTES: [Any observations]
═══════════════════════════════════════
Quick Vet Commands
For GitHub-hosted skills:
# Check repo stats
curl -s "https://api.github.com/repos/OWNER/REPO" | jq '{stars: .stargazers_count, forks: .forks_count, updated: .updated_at}'
# List skill files
curl -s "https://api.github.com/repos/OWNER/REPO/contents/skills/SKILL_NAME" | jq '.[].name'
# Fetch and review SKILL.md
curl -s "https://raw.githubusercontent.com/OWNER/REPO/main/skills/SKILL_NAME/SKILL.md"
Trust Hierarchy
- Official OpenClaw skills → Lower scrutiny (still review)
- High-star repos (1000+) → Moderate scrutiny
- Known authors → Moderate scrutiny
- New/unknown sources → Maximum scrutiny
- Skills requesting credentials → Human approval always
Remember
- No skill is worth compromising security
- When in doubt, don't install
- Ask your human for high-risk decisions
- Document what you vet for future reference
Paranoia is a feature. 🔒🦀
Usage Guidance
This skill is a manual vetting checklist and appears coherent and low-risk, but verify provenance before relying on it: confirm the author/owner, ensure the _meta.json ownerId matches the registry/source, and prefer running vetting actions in a sandbox or with access limited only to the target skill's files and network. Remember this tool is a checklist — it does not perform automated deep scanning, so perform human review for high-risk skills (credentials, system access, obfuscated code).
Capability Analysis
Type: OpenClaw Skill
Name: claw-skill-vetter-pro
Version: 1.0.0
The skill-vetter-pro bundle is a defensive tool designed to provide a structured security vetting protocol for AI agents. It contains instructions and checklists in SKILL.md to help agents identify red flags like data exfiltration, credential theft, and unauthorized system access in other skills. The included shell commands are limited to querying the GitHub API for repository metadata and file lists, which is consistent with its stated purpose of evaluating third-party code.
Capability Assessment
Purpose & Capability
Name/description match the content: SKILL.md is a manual vetting checklist and provides GitHub API curl examples. It does not request credentials or install components, which is proportionate. Note: the _meta.json ownerId differs from the registry ownerId provided in the submission metadata and there's no homepage/source URL — that provenance mismatch is worth verifying before trusting this vetter.
Instruction Scope
Instructions are a human-style checklist (read all files, look for red flags, run provided curl queries). This stays within vetting scope, but it is high-level and manual — it relies on the agent/human having access to skill files and network. It does instruct 'Read ALL files in the skill', which is expected for a vetter but means the agent must be granted file access to the target skill only (avoid giving it broader system permissions).
Install Mechanism
No install spec and no code files — lowest install risk. Nothing will be written to disk by the skill itself.
Credentials
The skill requires no environment variables, credentials, or config paths; that is proportionate for an instruction-only vetting checklist.
Persistence & Privilege
always:false and default model invocation settings are used. The skill does not request persistent installation or elevated privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install claw-skill-vetter-pro - After installation, invoke the skill by name or use
/claw-skill-vetter-pro - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of skill-vetter for version 1.0.0.
- Provides a step-by-step protocol for security-first vetting of AI agent skills before installation.
- Includes a checklist for source verification, mandatory code review with a list of red flags, permission scope assessment, and risk classification.
- Offers a standardized output format for vetting reports.
- Adds quick vetting commands and a trust hierarchy to guide security decisions.
- Emphasizes caution and documentation for all skill installations.
Metadata
Frequently Asked Questions
What is Claw Skill Vetter Pro?
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,... It is an AI Agent Skill for Claude Code / OpenClaw, with 170 downloads so far.
How do I install Claw Skill Vetter Pro?
Run "/install claw-skill-vetter-pro" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Claw Skill Vetter Pro free?
Yes, Claw Skill Vetter Pro is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Claw Skill Vetter Pro support?
Claw Skill Vetter Pro is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Claw Skill Vetter Pro?
It is built and maintained by Williamwang-wh (@williamwang-wh); the current version is v1.0.0.
More Skills