← 返回 Skills 市场
Skill Vetter
作者
spclaudehome
· GitHub ↗
· v1.0.0
230341
总下载
1041
收藏
4177
当前安装
1
版本数
在 OpenClaw 中安装
/install skill-vetter
功能描述
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
使用说明 (SKILL.md)
Skill Vetter 🔒
Security-first vetting protocol for AI agent skills. Never install a skill without vetting it first.
When to Use
- Before installing any skill from ClawdHub
- Before running skills from GitHub repos
- When evaluating skills shared by other agents
- Anytime you're asked to install unknown code
Vetting Protocol
Step 1: Source Check
Questions to answer:
- [ ] Where did this skill come from?
- [ ] Is the author known/reputable?
- [ ] How many downloads/stars does it have?
- [ ] When was it last updated?
- [ ] Are there reviews from other agents?
Step 2: Code Review (MANDATORY)
Read ALL files in the skill. Check for these RED FLAGS:
🚨 REJECT IMMEDIATELY IF YOU SEE:
─────────────────────────────────────────
• curl/wget to unknown URLs
• Sends data to external servers
• Requests credentials/tokens/API keys
• Reads ~/.ssh, ~/.aws, ~/.config without clear reason
• Accesses MEMORY.md, USER.md, SOUL.md, IDENTITY.md
• Uses base64 decode on anything
• Uses eval() or exec() with external input
• Modifies system files outside workspace
• Installs packages without listing them
• Network calls to IPs instead of domains
• Obfuscated code (compressed, encoded, minified)
• Requests elevated/sudo permissions
• Accesses browser cookies/sessions
• Touches credential files
─────────────────────────────────────────
Step 3: Permission Scope
Evaluate:
- [ ] What files does it need to read?
- [ ] What files does it need to write?
- [ ] What commands does it run?
- [ ] Does it need network access? To where?
- [ ] Is the scope minimal for its stated purpose?
Step 4: Risk Classification
| Risk Level | Examples | Action |
|---|---|---|
| 🟢 LOW | Notes, weather, formatting | Basic review, install OK |
| 🟡 MEDIUM | File ops, browser, APIs | Full code review required |
| 🔴 HIGH | Credentials, trading, system | Human approval required |
| ⛔ EXTREME | Security configs, root access | Do NOT install |
Output Format
After vetting, produce this report:
SKILL VETTING REPORT
═══════════════════════════════════════
Skill: [name]
Source: [ClawdHub / GitHub / other]
Author: [username]
Version: [version]
───────────────────────────────────────
METRICS:
• Downloads/Stars: [count]
• Last Updated: [date]
• Files Reviewed: [count]
───────────────────────────────────────
RED FLAGS: [None / List them]
PERMISSIONS NEEDED:
• Files: [list or "None"]
• Network: [list or "None"]
• Commands: [list or "None"]
───────────────────────────────────────
RISK LEVEL: [🟢 LOW / 🟡 MEDIUM / 🔴 HIGH / ⛔ EXTREME]
VERDICT: [✅ SAFE TO INSTALL / ⚠️ INSTALL WITH CAUTION / ❌ DO NOT INSTALL]
NOTES: [Any observations]
═══════════════════════════════════════
Quick Vet Commands
For GitHub-hosted skills:
# Check repo stats
curl -s "https://api.github.com/repos/OWNER/REPO" | jq '{stars: .stargazers_count, forks: .forks_count, updated: .updated_at}'
# List skill files
curl -s "https://api.github.com/repos/OWNER/REPO/contents/skills/SKILL_NAME" | jq '.[].name'
# Fetch and review SKILL.md
curl -s "https://raw.githubusercontent.com/OWNER/REPO/main/skills/SKILL_NAME/SKILL.md"
Trust Hierarchy
- Official OpenClaw skills → Lower scrutiny (still review)
- High-star repos (1000+) → Moderate scrutiny
- Known authors → Moderate scrutiny
- New/unknown sources → Maximum scrutiny
- Skills requesting credentials → Human approval always
Remember
- No skill is worth compromising security
- When in doubt, don't install
- Ask your human for high-risk decisions
- Document what you vet for future reference
Paranoia is a feature. 🔒🦀
安全使用建议
This skill appears safe to use as a manual vetting checklist. Before installing, note that its publisher provenance is limited, and when applying it to other skills, only fetch user-approved repositories and treat reviewed files as untrusted content rather than executable instructions.
功能分析
Type: OpenClaw Skill
Name: skill-vetter
Version: 1.0.0
This skill, 'skill-vetter', is designed to help AI agents identify security risks in other skills. The `SKILL.md` file outlines a vetting protocol, including a comprehensive list of 'RED FLAGS' for agents to look for in untrusted code. The 'Quick Vet Commands' section uses `curl` to fetch metadata and file contents from GitHub (api.github.com, raw.githubusercontent.com) for *other* skills, which is directly aligned with its stated purpose of vetting. There is no evidence of malicious intent, data exfiltration, or harmful prompt injection against the agent itself; rather, it instructs the agent on how to detect such behaviors in external skills.
能力评估
Purpose & Capability
The SKILL.md content matches the stated purpose: it provides a protocol for reviewing other skills before installation. No code files, install spec, credentials, required binaries, or capability tags are present.
Instruction Scope
The workflow asks the agent to read and fetch third-party skill files for review. This is purpose-aligned, but those candidate skill files should be treated as untrusted content, not as instructions to follow.
Install Mechanism
There is no install spec or runnable code. The supplied metadata lists the source as unknown and no homepage, so provenance is limited even though the artifact itself is low-impact.
Credentials
The skill includes optional curl/jq examples for querying GitHub metadata and fetching SKILL.md files. Network use is disclosed and proportionate to vetting GitHub-hosted skills.
Persistence & Privilege
No persistence, background behavior, elevated privileges, credential access, environment variables, or config paths are requested.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skill-vetter - 安装完成后,直接呼叫该 Skill 的名称或使用
/skill-vetter触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release - Security-first skill vetting for AI agents
元数据
推荐 Skills