Skill Recommender
Pass
Audited by ClawScan on May 11, 2026.
Overview
This skill appears benign: it recommends and clusters OpenClaw skills by reading local skill metadata, with no credentials, network calls, purchases, persistence, or destructive actions shown.
Safe to install for skill discovery tasks. Run it only in a workspace whose skill metadata you are comfortable inspecting, and remember that its recommendations are based on simple name/description heuristics rather than a full quality or security review.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users cannot compare this package against an upstream repository or homepage from the supplied metadata.
The skill has limited upstream provenance information, although it does not fetch remote code and the bundled source is present in the artifacts.
Source: unknown; Homepage: none; Install specifications: No install spec
Install only from a trusted registry/owner and prefer maintainers to add a homepage or source repository for provenance.
The agent may run the bundled scripts in the current workspace to generate recommendations.
The skill intentionally uses bundled Node scripts for recommendation tasks. This is local code execution, but it is disclosed, purpose-aligned, and the source is provided.
Example: `node scripts/recommend_skills.js '{ ... }'`
Use it from the intended workspace and review script output before acting on recommendations; maintainers could declare Node as a runtime requirement for clarity.
The skill will inspect skill metadata in the selected relative workspace directory.
The scripts accept a user-specified skills_dir and read local SKILL.md files, but they explicitly reject absolute paths and lexical parent-directory escapes.
`if (path.isAbsolute(requested)) { throw new Error('skills_dir must be relative to the current workspace'); } ... relative.startsWith('..')`
Point skills_dir only at directories you intend to inspect, and keep the path validation if modifying the scripts.
