← 返回 Skills 市场
164
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install skill-vetter-liomi
功能描述
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
安全使用建议
This skill is a coherent, instruction-only 'vetter' and appears to do what it says: guide an agent/human through reviewing other skills. Before you rely on it, remember: (1) it tells the agent to read files and run curl against GitHub — ensure the agent is sandboxed and has only the minimal permissions needed; (2) it does not supply automated deep-detection: it cannot guarantee detection of obfuscated binaries or hidden native installers — manual review and runtime sandboxing are still necessary; (3) if you or your agent run the GitHub API commands with authentication, that will use your tokens/credentials — the skill doesn't require them but could operate using them if available, so limit token scopes; (4) follow its own advice: check install scripts, network endpoints, and any requests for credentials before installing a skill. Overall this skill is useful and proportionate, but it's an advisory tool — not a substitute for careful manual review and sandbox testing.
功能分析
Type: OpenClaw Skill
Name: skill-vetter-liomi
Version: 1.0.0
The skill-vetter bundle is a security-focused instruction set (SKILL.md) designed to guide an AI agent through a vetting protocol for other skills. It includes a comprehensive checklist of red flags, risk levels, and reporting templates. The provided shell commands are limited to fetching metadata and file contents from GitHub for analysis purposes and do not involve executing untrusted code.
能力评估
Purpose & Capability
Name and description (skill vetting) align with the SKILL.md content. The runtime instructions explain how to review repos, list files, and check for red flags — all directly relevant to a vetter.
Instruction Scope
Instructions ask the agent to read all files of the target skill and to use GitHub API / raw.githubusercontent curl commands for GitHub-hosted skills. Reading a skill's files is necessary for vetting, but it requires the agent to have file/network access and adequate sandboxing; the instruction text does not itself request unrelated system secrets. Be aware 'Read ALL files' is broad and depends on the agent's execution privileges.
Install Mechanism
No install spec and no code files — instruction-only skill. This is the lowest-risk install mechanism; nothing is written to disk by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. The quick-commands use public GitHub APIs; they do not require tokens (though using authenticated queries would if the agent chooses to).
Persistence & Privilege
always is false and there is no install/persistence behavior. The skill can be invoked by the agent (normal), but it does not request or modify other skills or system-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skill-vetter-liomi - 安装完成后,直接呼叫该 Skill 的名称或使用
/skill-vetter-liomi触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of skill-vetter.
- Provides a security-first vetting protocol for AI agent skills.
- Guides users through source verification, mandatory code review, permission assessment, and risk classification.
- Supplies a standard output/report format for skill vetting.
- Includes quick vet commands and a trust hierarchy for decision-making.
- Adds _meta.json file for skill metadata.
元数据
常见问题
Testskill 是什么?
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 164 次。
如何安装 Testskill?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-vetter-liomi」即可一键安装,无需额外配置。
Testskill 是免费的吗?
是的,Testskill 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Testskill 支持哪些平台?
Testskill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Testskill?
由 Liomichan(@liomichan)开发并维护,当前版本 v1.0.0。
推荐 Skills