← Back to Skills Marketplace
spclaudehome

Skill Vetter

by spclaudehome · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
230341
Downloads
1041
Stars
4177
Active Installs
1
Versions
Install in OpenClaw
/install skill-vetter
Description
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
README (SKILL.md)

Skill Vetter 🔒

Security-first vetting protocol for AI agent skills. Never install a skill without vetting it first.

When to Use

  • Before installing any skill from ClawdHub
  • Before running skills from GitHub repos
  • When evaluating skills shared by other agents
  • Anytime you're asked to install unknown code

Vetting Protocol

Step 1: Source Check

Questions to answer:
- [ ] Where did this skill come from?
- [ ] Is the author known/reputable?
- [ ] How many downloads/stars does it have?
- [ ] When was it last updated?
- [ ] Are there reviews from other agents?

Step 2: Code Review (MANDATORY)

Read ALL files in the skill. Check for these RED FLAGS:

🚨 REJECT IMMEDIATELY IF YOU SEE:
─────────────────────────────────────────
• curl/wget to unknown URLs
• Sends data to external servers
• Requests credentials/tokens/API keys
• Reads ~/.ssh, ~/.aws, ~/.config without clear reason
• Accesses MEMORY.md, USER.md, SOUL.md, IDENTITY.md
• Uses base64 decode on anything
• Uses eval() or exec() with external input
• Modifies system files outside workspace
• Installs packages without listing them
• Network calls to IPs instead of domains
• Obfuscated code (compressed, encoded, minified)
• Requests elevated/sudo permissions
• Accesses browser cookies/sessions
• Touches credential files
─────────────────────────────────────────

Step 3: Permission Scope

Evaluate:
- [ ] What files does it need to read?
- [ ] What files does it need to write?
- [ ] What commands does it run?
- [ ] Does it need network access? To where?
- [ ] Is the scope minimal for its stated purpose?

Step 4: Risk Classification

Risk Level Examples Action
🟢 LOW Notes, weather, formatting Basic review, install OK
🟡 MEDIUM File ops, browser, APIs Full code review required
🔴 HIGH Credentials, trading, system Human approval required
⛔ EXTREME Security configs, root access Do NOT install

Output Format

After vetting, produce this report:

SKILL VETTING REPORT
═══════════════════════════════════════
Skill: [name]
Source: [ClawdHub / GitHub / other]
Author: [username]
Version: [version]
───────────────────────────────────────
METRICS:
• Downloads/Stars: [count]
• Last Updated: [date]
• Files Reviewed: [count]
───────────────────────────────────────
RED FLAGS: [None / List them]

PERMISSIONS NEEDED:
• Files: [list or "None"]
• Network: [list or "None"]  
• Commands: [list or "None"]
───────────────────────────────────────
RISK LEVEL: [🟢 LOW / 🟡 MEDIUM / 🔴 HIGH / ⛔ EXTREME]

VERDICT: [✅ SAFE TO INSTALL / ⚠️ INSTALL WITH CAUTION / ❌ DO NOT INSTALL]

NOTES: [Any observations]
═══════════════════════════════════════

Quick Vet Commands

For GitHub-hosted skills:

# Check repo stats
curl -s "https://api.github.com/repos/OWNER/REPO" | jq '{stars: .stargazers_count, forks: .forks_count, updated: .updated_at}'

# List skill files
curl -s "https://api.github.com/repos/OWNER/REPO/contents/skills/SKILL_NAME" | jq '.[].name'

# Fetch and review SKILL.md
curl -s "https://raw.githubusercontent.com/OWNER/REPO/main/skills/SKILL_NAME/SKILL.md"

Trust Hierarchy

  1. Official OpenClaw skills → Lower scrutiny (still review)
  2. High-star repos (1000+) → Moderate scrutiny
  3. Known authors → Moderate scrutiny
  4. New/unknown sources → Maximum scrutiny
  5. Skills requesting credentials → Human approval always

Remember

  • No skill is worth compromising security
  • When in doubt, don't install
  • Ask your human for high-risk decisions
  • Document what you vet for future reference

Paranoia is a feature. 🔒🦀

Usage Guidance
This skill appears safe to use as a manual vetting checklist. Before installing, note that its publisher provenance is limited, and when applying it to other skills, only fetch user-approved repositories and treat reviewed files as untrusted content rather than executable instructions.
Capability Analysis
Type: OpenClaw Skill Name: skill-vetter Version: 1.0.0 This skill, 'skill-vetter', is designed to help AI agents identify security risks in other skills. The `SKILL.md` file outlines a vetting protocol, including a comprehensive list of 'RED FLAGS' for agents to look for in untrusted code. The 'Quick Vet Commands' section uses `curl` to fetch metadata and file contents from GitHub (api.github.com, raw.githubusercontent.com) for *other* skills, which is directly aligned with its stated purpose of vetting. There is no evidence of malicious intent, data exfiltration, or harmful prompt injection against the agent itself; rather, it instructs the agent on how to detect such behaviors in external skills.
Capability Assessment
Purpose & Capability
The SKILL.md content matches the stated purpose: it provides a protocol for reviewing other skills before installation. No code files, install spec, credentials, required binaries, or capability tags are present.
Instruction Scope
The workflow asks the agent to read and fetch third-party skill files for review. This is purpose-aligned, but those candidate skill files should be treated as untrusted content, not as instructions to follow.
Install Mechanism
There is no install spec or runnable code. The supplied metadata lists the source as unknown and no homepage, so provenance is limited even though the artifact itself is low-impact.
Credentials
The skill includes optional curl/jq examples for querying GitHub metadata and fetching SKILL.md files. Network use is disclosed and proportionate to vetting GitHub-hosted skills.
Persistence & Privilege
No persistence, background behavior, elevated privileges, credential access, environment variables, or config paths are requested.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install skill-vetter
  3. After installation, invoke the skill by name or use /skill-vetter
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release - Security-first skill vetting for AI agents
Metadata
Slug skill-vetter
Version 1.0.0
License
All-time Installs 4277
Active Installs 4177
Total Versions 1
More Skills
Self-Improving Agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 422041 · by pskoett
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 180274 · by ivangdavila
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 175902 · by oswalpalash
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 170920 · by steipete
Gog
Google Workspace CLI for Gmail, Calendar, Drive, Contacts, Sheets, and Docs.
⬇ 168014 · by steipete
SkillScan
Security gate for skills. Every new skill MUST pass SkillScan before use. Activate on any install, load, add, evaluate, or safety question about a skill. On...
⬇ 166652 · by tokauthai

💬 Comments