Silas Skill Auditor
Pass
Audited by ClawScan on May 10, 2026.
Overview
This is an instruction-only skill auditor whose requested file and command use mostly matches its purpose, but its metadata and capability signals should be verified before trusting it.
This skill appears safe to use as an instruction-only checklist for auditing other skills, but verify its identity because the packaged metadata does not match the registry entry. Do not provide wallet or credential access if prompted, and review any remote skill fetch or cleanup command before running it.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may download untrusted skill contents and delete the temporary audit directory as part of the review workflow.
The skill tells the agent to fetch a remote skill into a temporary directory and then delete that directory. This is consistent with pre-install security review, but it is still local command execution and remote artifact retrieval.
clawdhub install <技能名> --dir /tmp/skill-audit-tmp
rm -rf /tmp/skill-audit-tmp
Use this only for skill names you intend to review, keep the temporary path scoped, and avoid changing the cleanup command to a broader directory.
Users may have difficulty confirming whether the installed artifact is the same skill described in the registry.
The included metadata identifies a different slug/version than the registry entry for `silas-skill-auditor` version 1.0.0, creating a provenance and identity inconsistency.
"slug": "sam-skill-auditor", "version": "2.0.0"
Verify the publisher, slug, and version before relying on this auditor, and ask the maintainer to align `_meta.json` with the registry metadata.
If an installer or agent asks for wallet or credential access for this skill, that request would not be explained by the provided artifacts.
The capability signals mention wallet and sensitive-credential needs, but the requirements list says no env vars, no primary credential, and SKILL.md does not justify wallet access.
Capability signals: requires-wallet; requires-sensitive-credentials
Do not grant wallet or credential access to this skill unless the maintainer provides a clear, reviewed reason and updated metadata.
