← 返回 Skills 市场
77
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install skill-vetter-hermes
功能描述
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
安全使用建议
This package appears to be a vetting checklist and integration plan, not a complete, self-contained scanner. Before you run or integrate it: 1) Do not run any suggested modification commands that edit clawhub or system files without inspecting the exact changes. 2) Ask the publisher for the missing skill_vetter.ps1 (or the actual scanner binary) and review its source before executing it. 3) Confirm whether the scanner needs to read token files or other credentials; never give it access to your Clawhub token or ~/.openclaw workspace without manual review. 4) If you want a vetting workflow, prefer a vetted, signed scanner distributed from an official source (or run any new scanner inside an isolated sandbox/VM). 5) If you plan to integrate auto-blocking into clawhub, require a human review step and code review of the exact patch to clawhub's CLI rather than applying opaque instructions from this package.
功能分析
Type: OpenClaw Skill
Name: skill-vetter-hermes
Version: 1.2.0
The skill-vetter bundle is a security utility designed to audit and vet other OpenClaw skills before installation. It provides a structured protocol for AI agents to identify 'red flags' such as credential theft, obfuscated code, and unauthorized network access. While the instructions in SKILL.md include shell commands (curl, jq) to fetch metadata and content from GitHub (api.github.com, raw.githubusercontent.com), these actions are strictly aligned with the stated purpose of remote skill auditing. No evidence of malicious intent, data exfiltration, or harmful prompt injection was found.
能力评估
Purpose & Capability
The name/description (skill vetting) matches the instructions in SKILL.md. However package metadata (package.json main -> skill_vetter.ps1 and INTEGRATION_REPORT.md references a PowerShell scanner) describe an executable that is not present in the manifest. The docs also describe modifying clawhub internals to integrate the scanner — a capability beyond a simple instruction-only vetting guide. This mismatch (claims of an executable + integration hooks vs. no actual executable files) is incoherent and should be explained by the author.
Instruction Scope
SKILL.md tells an agent to read ALL files of target skills and includes explicit integration hooks that modify the clawhub install path and auto-block installs. It also references reading/writing token locations and workspace paths. Those instructions go beyond passive vetting guidance and would require filesystem access and changes to other tooling; they grant broad authority and should not be executed blindly. The skill also instructs auto-blocking installs with no UI confirmation in some cases.
Install Mechanism
There is no install spec and no code files included in the package (instruction-only). That is the lowest-risk install model — nothing in the package will be written to disk by an installer. However the documentation expects an external PowerShell script (skill_vetter.ps1) to exist for actual scanning; because that script is missing, any attempt to follow integration steps would require obtaining and running external code (higher risk).
Credentials
The skill declares no required env vars or credentials, but the docs reference environment variable CLAWHUB_SKILL_VETTER, a Clawhub token path (C:\Users\atlas\.clawhub\token), and default workspace locations. The instructions would have agents read or modify user workspace and CLI installation paths and potentially access saved tokens — access to these secrets/configs is not declared or justified in metadata.
Persistence & Privilege
SKILL.md describes modifying clawhub's installation flow (editing cli/commands/skills.js) to call the scanner before installs and to auto-block. That requires modifying other software and granting persistent influence over future installs. The skill metadata does not request or justify such persistence or elevated privileges. While always:false and autonomous invocation are normal, the skill's own instructions attempt to create permanent hooks into the package manager, which is a privilege escalation risk if followed.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skill-vetter-hermes - 安装完成后,直接呼叫该 Skill 的名称或使用
/skill-vetter-hermes触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.2.0
**Major update: automatic blocking of high-risk skills and stricter security protocol.**
- Introduced a 2-level trust hierarchy for skill vetting (OFFICIAL vs COMMUNITY skills).
- Added automatic blocking of HIGH and EXTREME risk skills from community/unknown sources.
- Scan failures now block installation by default.
- Updated output/reporting format to clearly show trust and risk levels.
- Enhanced documentation and integration instructions for use with clawhub installation.
- Added new project and integration files: origin.json, INTEGRATION_REPORT.md, PUBLISH_GUIDE.md, etc.
元数据
常见问题
Skill Vetter 是什么?
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 77 次。
如何安装 Skill Vetter?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-vetter-hermes」即可一键安装,无需额外配置。
Skill Vetter 是免费的吗?
是的,Skill Vetter 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Skill Vetter 支持哪些平台?
Skill Vetter 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Skill Vetter?
由 十三香小精灵(@atlaszj)开发并维护,当前版本 v1.2.0。
推荐 Skills