Find Skills Skill

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This instruction-only skill appears to be a benign guide for finding OpenClaw skills, with the main caution that users should verify any CLI command or third-party skill source before using it.

This skill is safe to treat as a discovery guide, not an installer. If you follow its npx examples or visit third-party marketplaces and GitHub repositories, verify the source and review any skill carefully before installing it.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI05: Unexpected Code Execution
Low
What this means

If the user follows these examples, a CLI package may run on their machine to search ClawHub.

Why it was flagged

The skill documents user-run npx commands. npx can execute a local or fetched CLI package, which users should run intentionally; however, these examples are disclosed and central to the skill-search purpose.

Skill content

npx clawhub search "keyword"

# Browse categories
npx clawhub browse

Recommendation

Run these commands only when intended, and verify the clawhub CLI/package source if it is not already installed.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Users could discover skills from sources that are less vetted than an official registry.

Why it was flagged

The skill recommends community and GitHub sources for finding installable skills. This is purpose-aligned for discovery, but these sources may have varying provenance and review quality.

Skill content

LobeHub Skills Marketplace
- Website: https://lobehub.com/skills
- Community-contributed skills

### 4. GitHub
- Search: `openclaw skill` or `agent-skill`

Recommendation

Before installing any discovered skill, review its SKILL.md, permissions, source, requirements, and reputation, and test it in isolation as the artifact itself recommends.