Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Skillstore

v1.0.0

Search, install, and create OpenClaw skills using intelligent matching across built-in, local, and GitHub skill repositories.

0 · 689 · 4 current · 4 all-time
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description (search/install/create skills) align with the included code and docs. Minor mismatch: SKILL.md says local skills are in ~/.openclaw/workspace/skills/, but main.js.searchLocal looks at the parent directory of the skill (path.join(__dirname, '..')). That's inconsistent but plausibly an implementation detail.
Instruction Scope
SKILL.md instructs searching known, local, and GitHub sources and installing from GitHub. main.js implements these searches, reads local skill files (SKILL.md/README.md) in sibling directories, queries the GitHub search API, and references child_process.exec (used for installs). The instructions do not show exact install commands the script will run — the presence of exec means installs could run arbitrary shell commands from repos, which is expected behavior for an installer but increases risk if you don't review targets first.
Install Mechanism
No install spec is declared (instruction-only), and no external archive downloads or extract steps are present in repository metadata. The included main.js uses HTTPS to call the GitHub API and uses child_process.exec for operations (likely cloning/installing). No suspicious external download URLs or shorteners were found in the provided files.
Credentials
The skill declares no required env vars or credentials and its code does not read secrets or environment variables. It uses only public GitHub API calls and local filesystem access relative to the skill location.
Persistence & Privilege
The skill is not always-enabled, and it stores state in a local config.json (CONFIG_FILE in its directory). It does not request elevated privileges or modify other skills' configs according to the provided files.
Assessment
This skill appears to do what it says: search built-in/local/GitHub skills and install/create skills. Before installing or using it, review the main.js install/exec logic (look for exactly what commands it runs when installing a GitHub repo). Expect the CLI to read sibling skill directories (it scans SKILL.md/README.md), and expect it to write a local config.json in the skill directory. When installing a skill from GitHub, manually inspect the repo (or test in an isolated environment) because installers commonly shell out and may run repo-provided scripts. Also note the docs claim a different local-skill path (~/.openclaw/...) than the code uses — verify where it will actually search on your system if that matters.
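
The scan's main concern is that main.js reaches child_process.exec when installing from GitHub. The following is an added example, not skillstore's own code, of one way an installer can turn a search hit into a fixed git argv with no shell involved. `full_name` is the GitHub search API field; `skillsDir`, the function names and the sample hits are assumptions.

```javascript
// Added example, not skillstore's main.js. `full_name` ("owner/repo") is the
// GitHub search API field; skillsDir and the function names are hypothetical.
const OWNER_RE = /^[A-Za-z0-9][A-Za-z0-9-]{0,38}$/;
const REPO_RE = /^[A-Za-z0-9_][A-Za-z0-9._-]{0,99}$/; // no leading "-" or "."

// Turn an untrusted search hit into a fixed argv for git, or throw.
function buildCloneArgs(fullName, skillsDir) {
  const parts = String(fullName).split('/');
  const [owner, repo] = parts;
  if (parts.length !== 2 || !OWNER_RE.test(owner) || !REPO_RE.test(repo)) {
    throw new Error(`rejected repo name: ${JSON.stringify(fullName)}`);
  }
  const url = `https://github.com/${owner}/${repo}.git`;
  const dest = `${skillsDir.replace(/\/+$/, '')}/${repo}`;
  // "--" ends option parsing, so neither value can be read as a git flag.
  return ['clone', '--depth', '1', '--', url, dest];
}

// Split search hits into destinations that may be cloned and rejected names.
function vetHits(hits, skillsDir) {
  const accepted = [], rejected = [];
  for (const hit of hits) {
    try {
      accepted.push(buildCloneArgs(hit.full_name, skillsDir)[5]);
    } catch {
      rejected.push(hit.full_name);
    }
  }
  return { accepted, rejected };
}

// execFile passes argv straight to git with no shell in between, unlike
// exec(`git clone ${url} ${dest}`), where /bin/sh parses the whole string.
// This only clones; nothing from the repository is executed.
async function installSkill(fullName, skillsDir) {
  const args = buildCloneArgs(fullName, skillsDir);
  // Dynamic import so the snippet loads as either CommonJS or an ES module.
  const { execFile } = await import('node:child_process');
  return new Promise((resolve, reject) => {
    execFile('git', args, { timeout: 60000 }, (err, _out, stderr) =>
      (err ? reject(new Error(stderr || err.message)) : resolve(args[5])));
  });
}

// Constructed sample hits (the owner name is made up for illustration).
const SAMPLE_HITS = [
  { full_name: 'example-org/openclaw-homeassistant' },
  { full_name: 'example-org/skill; echo injected' },
  { full_name: 'example-org/-leading-dash' },
];
```

When reviewing main.js, the thing to look for is the opposite pattern: a repository name or URL interpolated into a single string handed to exec.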

Like a lobster shell, security has layers — review code before you run it.

latestvk9780w1arvj9c0ek2eeqv0b53h81bakp
689 downloads
0 stars
1 version
Updated 13h ago
v1.0.0
MIT-0

SkillStore - OpenClaw Skill Manager

Search, install, and create OpenClaw skills with intelligent matching.

Skill Metadata

  • Name: skillstore
  • Type: OpenClaw Skill
  • Purpose: Search existing skills, install from GitHub, or create new ones

Setup Commands

No setup required. Works out of the box.

Usage Commands

Search & Install

# Search for a skill (applies 30% threshold)
skillstore <query>

# Examples:
skillstore home assistant
skillstore weather
skillstore smart home
skillstore email gmail
skillstore github

List & Show

# List installed skills
skillstore list

# Show all known skills (20 built-in)
skillstore known

Create New

# Create new skill with templates
skillstore create <name>
skillstore new <name>

# Examples:
skillstore create my-awesome-skill
skillstore new weather-widget

How Search Works

Matching Algorithm

  1. Tokenize - Split query into keywords
  2. Calculate - Jaccard similarity + keyword boost
  3. Filter - Remove results below 30% threshold
  4. Rank - Sort by relevance score
  5. Display - Show with visual score bar

Match Score

Score >= 50% = Strong match (green bar)
Score >= 30% = Weak match (yellow bar)  
Score < 30% = Not shown (filtered)
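
The five steps and the thresholds above, as an added example that is not skillstore's main.js. The page names a "keyword boost" without defining it, so the boost rule and its 0.2 weight here are assumptions, and the scores will not reproduce the percentages shown elsewhere on this page.

```javascript
// Added example, not skillstore's main.js. The boost rule and its 0.2 weight
// are assumptions: the page names a "keyword boost" but does not define it.
const THRESHOLD = 0.30, STRONG = 0.50, BOOST = 0.2;

// Step 1: split text into a set of lowercase keywords.
function tokenize(text) {
  return new Set(text.toLowerCase().split(/[^a-z0-9]+/).filter(Boolean));
}

// Step 2a: Jaccard similarity = |A ∩ B| / |A ∪ B|.
function jaccard(a, b) {
  const inter = [...a].filter((t) => b.has(t)).length;
  const union = new Set([...a, ...b]).size;
  return union === 0 ? 0 : inter / union;
}

// Step 2b: add the assumed boost when every query keyword occurs in the name.
function score(query, skill) {
  const q = tokenize(query);
  const doc = tokenize(`${skill.name} ${skill.description}`);
  const name = skill.name.toLowerCase();
  const boost = q.size > 0 && [...q].every((t) => name.includes(t)) ? BOOST : 0;
  return Math.min(1, jaccard(q, doc) + boost);
}

// Step 5: ten-cell score bar.
function bar(s) {
  const filled = Math.round(s * 10);
  return '█'.repeat(filled) + '░'.repeat(10 - filled);
}

// Steps 3 and 4: drop results under 30%, then sort by score, highest first.
function search(query, skills) {
  return skills
    .map((skill) => ({ name: skill.name, score: score(query, skill) }))
    .filter((r) => r.score >= THRESHOLD)
    .sort((a, b) => b.score - a.score)
    .map((r) => ({ ...r, strength: r.score >= STRONG ? 'strong' : 'weak', bar: bar(r.score) }));
}

// Constructed sample: three rows taken from the page's known-skills table.
const SAMPLE = [
  { name: 'homeassistant', description: 'Smart home control (HA API)' },
  { name: 'weather', description: 'Weather forecasts' },
  { name: 'github', description: 'GitHub CLI integration' },
];
```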

Search Sources (in order)

  1. Known Skills - Built-in database of 20 skills
  2. Local Skills - Skills in ~/.openclaw/workspace/skills/
  3. GitHub - Search openclaw repositories

Interaction Flow

1. User runs: skillstore home assistant
2. System searches all 3 sources
3. System filters by threshold
4. Results shown with scores:

   1. [KNOWN] homeassistant ████████░░ 85%
      Control smart home devices...
   2. [LOCAL] homeassistant ███████░░░ 78%
   3. [GIT] openclaw-homeassistant ██████░░░░ 62%

5. User chooses:
   - Enter number → Install from GitHub
   - n → Create new skill
   - q → Quit

Known Skills Database

Built-in skills (searchable):

| Skill | Description |
|---|---|
| homeassistant | Smart home control (HA API) |
| gog | Google Workspace (Gmail, Calendar, Drive) |
| weather | Weather forecasts |
| github | GitHub CLI integration |
| himalaya | Email via IMAP/SMTP |
| obsidian | Obsidian vault integration |
| sonoscli | Sonos speaker control |
| blucli | BluOS speaker control |
| eightctl | Eight Sleep pod control |
| ordercli | Food delivery orders |
| blogwatcher | RSS feed monitoring |
| gifgrep | GIF search/download |
| video-frames | Video frame extraction |
| youtube-summarizer | YouTube transcript summary |
| ga4 | Google Analytics 4 |
| gsc | Google Search Console |
| wacli | WhatsApp messaging |
| browser | Browser automation |
| healthcheck | Security hardening |

Error Handling

  • No results above threshold: Offer to create new skill
  • GitHub search fails: Fall back to local/known
  • Install fails: Show error with reason

Related Skills

  • homeassistant
  • openclaw-migrate
  • skill-templates (legacy, use skillstore)

Files

skillstore/
├── SKILL.md       # This file
├── README.md      # User docs
├── main.js        # CLI with intelligent search
└── config.json    # Install history
