← 返回 Skills 市场
nashbot67

SkillScout

作者 nashbot67 · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
431
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install skillscout
功能描述
Find and evaluate OpenClaw AI skills by trust score and security reviews before installation or recommendation.
安全使用建议
What to consider before using or installing SkillScout: - Treat the repo as potentially active code: although SKILL.md is brief, the project includes scripts and a server package that will fetch code and write files. Do not run anything blindly. - SKILL.md examples use curl, python3, and npx, but the registry metadata lists no required binaries. If you plan to follow examples, ensure those tools are available and inspect any remote URLs first. - The catalog is hosted on an external static site (https://nashbot67.github.io/...). Verify you trust that domain and the JSON it serves before piping it into commands. If possible, fetch and inspect the JSON locally instead of executing it immediately. - The project claims an isolated, read-only review agent, but the repo contains fetch-and-write scripts — confirm how the review agent is actually invoked and whether network access is used in your environment. - If you want to run the MCP server (npx @skillscout/mcp): inspect the package on npm (confirm publisher identity), review its code, and run it in a sandbox or ephemeral environment first. - Prefer manual code review of the scripts (fetch-skill.sh, review-skill.sh, harden-skill.sh, mcp-server) before executing them. Look for any commands that download archives, run installs, or execute unverified code. If you want, I can: - List the exact shell commands and files in the repo that perform network or filesystem operations. - Extract and show the curl/npx/python usage lines so you can inspect the remote endpoints before running them. - Suggest a safe sequence to test the tool in a sandbox (Docker container) and what to watch for.
功能分析
Type: OpenClaw Skill Name: skillscout Version: 0.1.0 The SkillScout bundle, despite its stated goal of enhancing security, contains several critical vulnerabilities. The `SKILL.md` file includes a `curl | python3 -c` command that is vulnerable to remote code execution if the remote JSON file is compromised or if the `QUERY` argument is maliciously crafted. Furthermore, the `scripts/fetch-skill.sh` script is susceptible to shell injection and path traversal via unsanitized user input when constructing `gh api` commands and `curl` URLs. Both `mcp-server/index.js` and `mcp/server.js` generate `npx clawhub@latest install` commands with unsanitized skill names, creating a prompt injection vector against any agent that executes their output. These flaws could lead to arbitrary code execution on the host system, classifying the bundle as suspicious due to severe vulnerabilities, not intentional malice.
能力评估
Purpose & Capability
The name/description (find and evaluate skills) aligns with the included files: a static-site dataset, review templates, an MCP server, and helper scripts for fetching and reviewing skills. However the SKILL metadata claims 'instruction-only' and lists no required binaries/env, while SKILL.md and the repo clearly rely on external tooling (curl, python3, npx) and network-hosted JSON (nashbot67.github.io). That omission is an incoherence the user should know about.
Instruction Scope
SKILL.md itself gives simple on-the-wire usage (curl → parse JSON, and 'npx @skillscout/mcp'). The repository contains many scripts (fetch-skill.sh, review-skill.sh, harden-skill.sh, batch-review.sh) that perform network fetches and write files; those behaviors are not reflected in the minimal SKILL.md or metadata. The ARCHITECTURE.md claims a read-only, no-network review agent, but the surrounding scripts indicate the project fetches remote skill sources and writes artifacts to disk — this is scope creep vs the runtime instructions shown to users.
Install Mechanism
There is no declared install spec (lowest-risk surface), but SKILL.md recommends running 'npx @skillscout/mcp' and uses curl/python3 in examples. Running the MCP package (if you do) would execute code pulled from npm; the repository also contains server code (mcp-server) and scripts that download and write files. Absence of an explicit install section and missing declaration of required tools is inconsistent and increases operational risk if users execute the provided commands without inspection.
Credentials
The skill declares no required environment variables or credentials, which is appropriate for a read-only catalog. But the catalog and scripts reference external APIs and processed skills that themselves may require credentials (the included skills.json entries show many skills with 'credentials' permissions). The SkillScout package does not request secrets up front, but running its scripts or the MCP server could lead you to provide API keys for downstream skills — be mindful those are for the target skills, not SkillScout itself.
Persistence & Privilege
always:false (good). Still, multiple examples and scripts in the repo show writing files to user locations (e.g., creating ~/.config/... for reviewed skills). If you run the provided scripts or the MCP server they may persist downloaded skill artifacts and fetched docs locally. The SKILL metadata did not surface that behavior — users should expect the tool to write files and to run network operations if they invoke it.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install skillscout
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /skillscout 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
SkillScout 0.1.0 — Initial release - Launches a centralized catalog to check trustworthiness of OpenClaw AI agent skills before installation. - Offers a simple curl+python command-line search for skills and trust ratings. - Provides detailed skill lookup and trust score breakdown (Safe, Caution, Avoid). - Describes multi-step review process: blocklist scan, AI code review, STRIDE threat analysis, human approval. - Includes full catalog and API endpoints for easy browsing and integration.
元数据
Slug skillscout
版本 0.1.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

SkillScout 是什么?

Find and evaluate OpenClaw AI skills by trust score and security reviews before installation or recommendation. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 431 次。

如何安装 SkillScout?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install skillscout」即可一键安装,无需额外配置。

SkillScout 是免费的吗?

是的,SkillScout 完全免费(开源免费),可自由下载、安装和使用。

SkillScout 支持哪些平台?

SkillScout 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 SkillScout?

由 nashbot67(@nashbot67)开发并维护,当前版本 v0.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论