← Back to Skills Marketplace
Skill Creator Enhanced (Vault Awareness)
by
maverick-software
· GitHub ↗
· v1.0.0
342
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install skill-creator-vault-enhancement
Description
Create or update AgentSkills. Use when designing, structuring, or packaging skills with scripts, references, and assets.
Usage Guidance
This package looks like a legitimate skill-authoring toolkit: packaging, initialization, and validation scripts are appropriate for the stated purpose. However, the submission included truncated file contents (notably parts of SKILL.md and init_skill.py were cut off), so I couldn't fully review all code. Before installing or granting it to an agent: 1) Inspect the full init_skill.py and any truncated files for any network calls, subprocess.exec/child_process usage, or code that reads arbitrary filesystem paths (especially home directories, /etc, or other skills' folders). 2) Search the scripts for any hardcoded secrets or endpoints. 3) Run the scripts in a sandboxed environment to confirm behavior (packaging/validation only). 4) If you plan to let the agent invoke this autonomously, consider limiting its access and reviewing telemetry/logging to ensure it cannot exfiltrate secrets. If you can provide the full untruncated sources I can raise confidence or flag specific issues found there.
Capability Analysis
Type: OpenClaw Skill
Name: skill-creator-vault-enhancement
Version: 1.0.0
This OpenClaw AgentSkills bundle is designed for creating, validating, and packaging other skills. The `SKILL.md` acts as a comprehensive guide for skill developers, emphasizing secure practices like using a vault-based credential system and explicitly warning against hardcoding API keys. The Python scripts (`init_skill.py`, `package_skill.py`, `quick_validate.py`) implement these guidelines, including robust security features such as skipping symlinks and preventing path traversal during packaging, and detecting hardcoded API keys during validation. The presence of unit tests specifically for these security features further reinforces a strong commitment to secure skill development. There is no evidence of malicious intent, data exfiltration, or prompt injection against the executing agent; instead, the instructions and code aim to prevent such vulnerabilities in skills being created.
Capability Assessment
Purpose & Capability
Name/description match the included scripts and SKILL.md: the package_skill, init_skill, and quick_validate scripts implement packaging, initialization, and validation of skills which is exactly what a 'Skill Creator' should provide. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
SKILL.md content (the visible portion) stays on topic: guidance for creating skills, recommended structure, and when to include scripts/references/assets. The runtime instructions do not ask the agent to read arbitrary system files, network endpoints, or unrelated credentials.
Install Mechanism
No install specification (instruction-only) and the included scripts are local Python utilities. No remote downloads or archive extraction from untrusted URLs are present in the visible code.
Credentials
The skill declares no required environment variables or primary credential. quick_validate contains checks for accidentally hardcoded API keys (a safety feature) and init_skill templates show where to document required env vars — these are proportional and expected.
Persistence & Privilege
The skill is not always-enabled, is user-invocable, and does not request elevated persistence or modify other skills' configurations in the inspected files. Autonomous invocation is allowed by platform default but is not combined with other high-risk flags here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skill-creator-vault-enhancement - After installation, invoke the skill by name or use
/skill-creator-vault-enhancement - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the skill-creator-vault-enhancement skill.
- Provides a comprehensive guide for creating and structuring effective AgentSkills.
- Explains modular skill packaging, including metadata, scripts, references, and assets.
- Outlines principles for concise context usage and appropriate detail levels.
- Details required and optional contents of a skill, with best practices for organization.
- Introduces the progressive disclosure pattern for efficient context management.
Metadata
Frequently Asked Questions
What is Skill Creator Enhanced (Vault Awareness)?
Create or update AgentSkills. Use when designing, structuring, or packaging skills with scripts, references, and assets. It is an AI Agent Skill for Claude Code / OpenClaw, with 342 downloads so far.
How do I install Skill Creator Enhanced (Vault Awareness)?
Run "/install skill-creator-vault-enhancement" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skill Creator Enhanced (Vault Awareness) free?
Yes, Skill Creator Enhanced (Vault Awareness) is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Skill Creator Enhanced (Vault Awareness) support?
Skill Creator Enhanced (Vault Awareness) is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Skill Creator Enhanced (Vault Awareness)?
It is built and maintained by maverick-software (@maverick-software); the current version is v1.0.0.
More Skills