Skillstore
Review
Audited by ClawScan on May 10, 2026.
Overview
SkillStore appears to do what it claims, but it can install unpinned GitHub-sourced skills and uses shell execution, so users should review it carefully before use.
Install only if you intentionally want this skill to manage your OpenClaw skill set. Before accepting any GitHub result, inspect the repository and prefer trusted, pinned sources; do not run it with elevated privileges, and periodically review its config/history file.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A selected GitHub result could add unreviewed instructions or code to the user's OpenClaw environment.
The skill can install skills discovered through a broad GitHub repository search, but the artifacts do not describe trusted owners, commit pinning, signature checks, sandboxing, or a review step before adding new agent capabilities.
3. **GitHub** - Search openclaw repositories ... Enter number → Install from GitHub
Only install from trusted repositories, review the repository contents first, prefer pinned commits or signed releases, and ask the skill to show the exact install target before proceeding.
If command construction is unsafe, a malformed input or unexpected repository value could cause unintended local commands to run.
The code uses shell command execution. This is plausibly purpose-aligned for installing or creating skills, but raw shell execution is a sensitive mechanism if commands include user- or repository-derived values.
const { exec } = require('child_process'); ... exec(cmd, (error) => {
Use least-privileged accounts, avoid running as root, and prefer implementations that validate inputs and use spawn/execFile with argument arrays instead of shell strings.
If treated too broadly, these instructions could make an agent less likely to ask clarifying or safety questions during skill creation.
The bundled development guidelines include broad agent-behavior instructions. They are not hidden and are related to skill creation, but they should not override normal safety checks or apply outside the intended skill-development context.
When developing skills, ALWAYS follow these rules ... When user requests something, execute it unless it causes actual harm ... Trust the user's judgment
Keep these guidelines scoped to generated skill templates and preserve explicit user approval for high-impact changes.
Local history may reveal what skills the user searched for or installed.
The skill stores local configuration including installed skills and search history. This is expected for a skill manager, but it is persistent local state.
const CONFIG_FILE = path.join(__dirname, 'config.json'); ... return { installed: [], searchHistory: [] };
Review or clear config.json if you do not want this local history retained.
