Skill Vetter - Pre-Install Security Review

v1.0.0

Security vetting protocol before installing any AI agent skill. Red flag detection for credential theft, obfuscated code, exfiltration. Risk classification L...

24 · 17k · 187 current · 196 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (pre-install vetting) align with what the skill requires: only curl and jq for GitHub/HTTP checks. No credentials, no unusual binaries or filesystem paths are requested.
Instruction Scope
SKILL.md instructs the agent to inspect a skill's files and repo metadata and to make network queries to GitHub or ClawHub; these actions are coherent with vetting. One minor ambiguity: 'Read ALL files in the skill' should be interpreted as files in the downloaded skill workspace, not arbitrary system files; the docs largely imply workspace-scoped checks. The Quick Vet Commands suggest running 'clawhub install' into a temp dir. Be cautious here, because some package/install tooling can run install hooks during installation.
Install Mechanism
This is instruction-only with no install spec or archives to download. That minimizes on-disk/automatic execution risk. Required binaries (curl, jq) are standard and proportional.
Credentials
No environment variables or credentials are requested. The skill's checks explicitly flag access to ~/.ssh, ~/.aws, browser cookies, etc., as red flags rather than asking for them.
Persistence & Privilege
always is false and the skill does not request persistent system presence or elevated privileges. It does not modify other skills' configurations.
Assessment
This skill is an instruction-only vetting checklist that uses curl/jq to inspect repos and produce reports — its declared requirements match its purpose. Before using it: (1) ensure the agent confines its file reads to the skill workspace (not your home dir), (2) avoid running package manager install hooks when downloading code (download raw archives or clone the repo rather than executing installers), and (3) remember automated vetting can't catch every malicious behavior — follow the checklist and do a manual review for anything that looks suspicious (network calls, encoded payloads, or surprising install scripts).

Like a lobster shell, security has layers — review code before you run it.

latest vk9762d9s2ag5e83y2cbr6mtqsn81vvwa

Runtime requirements

🔒 Clawdis
OS: Linux · macOS · Windows
Bins: curl, jq
