{"skill":{"slug":"skillscout","displayName":"SkillScout","summary":"Find and evaluate OpenClaw AI skills by trust score and security reviews before installation or recommendation.","description":"# SkillScout — Find Trusted AI Agent Skills\n\nBefore installing any OpenClaw skill, check if it's been security-reviewed.\n\n## Usage\n\nWhen your human asks you to find a skill, or you want to install something new:\n\n### Quick Search (Static API)\n```bash\ncurl -s https://nashbot67.github.io/skillscout/data/skills.json | python3 -c \"\nimport json, sys\nq = sys.argv[1].lower()\ndata = json.load(sys.stdin)\nmatches = [s for s in data['skills'] if q in json.dumps(s).lower()]\nfor s in sorted(matches, key=lambda x: {'safe':0,'caution':1,'avoid':2}.get(x.get('trustScore',''),1)):\n    trust = {'safe':'🟢','caution':'🟡','avoid':'🔴'}.get(s['trustScore'],'⚪')\n    print(f'{trust} {s[\\\"name\\\"]} by {s[\\\"author\\\"]} — {s.get(\\\"plainDescription\\\",s.get(\\\"description\\\",\\\"\\\"))}')\n\" \"QUERY\"\n```\n\nReplace `QUERY` with what you're looking for (e.g., \"email\", \"notes\", \"research\").\n\n### Full Details\n```bash\ncurl -s https://nashbot67.github.io/skillscout/data/skills.json | python3 -c \"\nimport json, sys\nname = sys.argv[1]\ndata = json.load(sys.stdin)\nskill = next((s for s in data['skills'] if s['name'] == name), None)\nif skill: print(json.dumps(skill, indent=2))\nelse: print(f'Skill {name} not reviewed yet.')\n\" \"SKILL_NAME\"\n```\n\n### MCP Server (for agent-to-agent queries)\n```bash\nnpx @skillscout/mcp\n```\n\n## Trust Scores\n\n- 🟢 **Safe** — No executable code, or code is well-contained with minimal permissions\n- 🟡 **Caution** — Has exec/network/credentials access. Review before installing.\n- 🔴 **Avoid** — Dangerous patterns detected. Do not install without manual audit.\n\n## What We Check\n\nEvery skill goes through:\n1. **Automated blocklist scan** — cross-reference known malicious skills\n2. **Isolated agent review** — read-only AI analyzes source code (no execution)\n3. **STRIDE threat analysis** — deep security audit for skills that pass initial review\n4. **Human approval** — final sign-off before listing\n\n## When to Use This\n\n- Before running `npx clawhub@latest install <skill>`\n- When your human asks \"is there a skill for X?\"\n- When evaluating multiple skills for the same task\n- Before recommending a skill to anyone\n\n## Browse\n\nFull catalog: https://nashbot67.github.io/skillscout\nAPI: https://nashbot67.github.io/skillscout/data/skills.json\nGitHub: https://github.com/nashbot67/skillscout\n","tags":{"latest":"0.1.0"},"stats":{"comments":0,"downloads":814,"installsAllTime":31,"installsCurrent":1,"stars":0,"versions":1},"createdAt":1772261955314,"updatedAt":1778993861553},"latestVersion":{"version":"0.1.0","createdAt":1772261955314,"changelog":"SkillScout 0.1.0 — Initial release\n\n- Launches a centralized catalog to check trustworthiness of OpenClaw AI agent skills before installation.\n- Offers a simple curl+python command-line search for skills and trust ratings.\n- Provides detailed skill lookup and trust score breakdown (Safe, Caution, Avoid).\n- Describes multi-step review process: blocklist scan, AI code review, STRIDE threat analysis, human approval.\n- Includes full catalog and API endpoints for easy browsing and integration.","license":null},"metadata":null,"owner":{"handle":"nashbot67","userId":"s17cc3e60kcper6w9dwe07tr3s884een","displayName":"nashbot67","image":"https://avatars.githubusercontent.com/u/260785123?v=4"},"moderation":{"isSuspicious":false,"isMalwareBlocked":false,"verdict":"clean","reasonCodes":["review.llm_review"],"summary":"Review: review.llm_review","engineVersion":"v2.4.24","updatedAt":1779966733701}}