← 返回 Skills 市场
blueworldmarketing

Skill Vetter Bwm

作者 blueworldmarketing · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ 安全检测通过
84
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install skill-vetter-bwm
功能描述
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
安全使用建议
This skill is a safe, coherent checklist you can use to manually vet other skills. Before relying on it: (1) verify the publisher/owner identity (the included _meta.json ownerId differs from the registry header and there's no homepage), (2) remember it only gives guidance — it won't automatically detect every issue, so perform an actual file-level code review when required, (3) when following its quick commands you will perform network queries (GitHub API) — ensure network access and rate limits are acceptable, and (4) do not allow the agent to automatically execute or install code it reviews; keep a human in the loop for high-risk decisions (credentials, elevated privileges, or obfuscated code). If you want higher assurance, clone target repos locally and inspect contents, check signatures, and cross-check author reputation externally.
功能分析
Type: OpenClaw Skill Name: skill-vetter-bwm Version: 1.0.0 The skill is a defensive security tool designed to provide a structured vetting protocol for AI agents to evaluate other skills. It includes a comprehensive list of red flags, risk levels, and reporting templates to identify potential malware or vulnerabilities. The provided shell commands in SKILL.md are limited to fetching public repository metadata from the GitHub API for auditing purposes and do not exhibit any malicious behavior.
能力评估
Purpose & Capability
The skill's name and description match the instructions: it's a manual vetting checklist for skills. It requests no credentials, binaries, or installs, which is appropriate. Note: repository metadata shows an ownerId mismatch between the registry header (kn76z25...) and the included _meta.json (kn71j6...), and there is no homepage; this metadata inconsistency is worth verifying but does not change the skill's operational footprint.
Instruction Scope
SKILL.md contains a clear, narrow checklist and commands for querying GitHub metadata (curl to api.github.com) — these are appropriate for vetting GitHub-hosted skills. The instructions require reading the target skill's files for review (expected). They do not instruct the agent to read host-sensitive files or to exfiltrate data.
Install Mechanism
No install spec and no code files — instruction-only. This minimizes risk because nothing is written to disk or executed by an installer.
Credentials
The skill requires no environment variables, credentials, or config paths. That is proportionate for a vetting checklist.
Persistence & Privilege
always is false and model invocation is allowed (default). The skill does not request permanent presence or system-wide changes; no evidence it would modify other skills' configs.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install skill-vetter-bwm
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /skill-vetter-bwm 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: Security-first skill vetting protocol for AI agents. - Guides users to evaluate skill sources, code, permission scope, and risk level before installation. - Includes a detailed checklist of red flags and risk classifications. - Provides a standardized vetting report template. - Offers quick commands for vetting skills from GitHub. - Emphasizes strict procedures for handling unknown or high-risk code.
元数据
Slug skill-vetter-bwm
版本 1.0.0
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 1
常见问题

Skill Vetter Bwm 是什么?

Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 84 次。

如何安装 Skill Vetter Bwm?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-vetter-bwm」即可一键安装,无需额外配置。

Skill Vetter Bwm 是免费的吗?

是的,Skill Vetter Bwm 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Skill Vetter Bwm 支持哪些平台?

Skill Vetter Bwm 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Skill Vetter Bwm?

由 blueworldmarketing(@blueworldmarketing)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 留言讨论