Universal Skills Manager
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: universal-skills-manager Version: 1.7.0 The 'universal-skills-manager' bundle is a comprehensive tool for discovering, installing, and synchronizing AI agent skills across multiple platforms. It possesses high-risk capabilities, specifically the ability to download and execute remote scripts from GitHub and ClawHub, and perform broad file system operations across various AI tool directories (e.g., ~/.claude, ~/.gemini). While it includes a dedicated security scanner (scripts/scan_skill.py) and validation logic to mitigate risks, the inherent potential for remote code execution (RCE) and the inclusion of 'curl | sh' installation instructions in SKILL.md for external tools warrant a suspicious classification despite the behavior being aligned with the stated purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or unsafe install/sync action could change how multiple AI tools behave in future sessions.
This gives the agent broad authority to mutate installed skills and agent behavior across many tools and scopes. That is purpose-aligned, but high-impact and should be tightly confirmed and bounded.
manages installation, and synchronization across Claude Code, Gemini CLI, Google Anti-Gravity, OpenCode, and other AI tools. Handles User-level (Global) and Project-level (Local) scopes.
Use only with explicit user approval for each source, destination, and scope; prefer project scope; require dry-run/diff output and backups before modifying global skill directories.
Users may install it without seeing that it needs local command execution, network access, and optional credential handling.
The registry under-declares requirements that SKILL.md itself lists, including python3, curl, network access, and SKILLSMP_API_KEY. For a skill manager that installs other skills, this reduces user visibility into dependencies and authority.
Required binaries (all must exist): none ... Required env vars: none ... Primary credential: none
Update registry metadata to declare required binaries, network domains, optional credentials, and capability tags; do not rely only on SKILL.md text for these security-relevant requirements.
A remote repository or branch could change after search results are produced, causing different skill content to be installed.
The installer downloads skill files directly from GitHub branches/raw URLs. That is expected for this skill's purpose, but mutable remote sources are a supply-chain risk unless users review and trust them.
return f"https://raw.githubusercontent.com/{owner}/{repo}/{branch}/{encoded_path}/{encoded_filename}"Prefer pinned commit URLs or signed releases, show the exact source and commit before install, and let users review downloaded SKILL.md and scripts before activation.
One unsafe skill installation could spread across several AI tools and affect multiple future workflows.
Cross-tool synchronization can propagate a bad, incompatible, or malicious skill from one agent environment into others.
Wants to sync skills between different AI tools (e.g., "Copy this Gemini skill to OpenCode").
Require explicit confirmation before every cross-tool sync, scan each skill before copying, and keep an audit log of source and destination paths.
If configured, the agent may use a provider API key while searching or packaging skills.
The skill documents use of an API key for SkillsMP. This is expected for the integration, but it is not reflected in the registry credential declarations.
primaryEnv: SKILLSMP_API_KEY
Use a least-privilege key, keep it in environment/config where possible, avoid embedding it in ZIPs, and rotate it if a packaged skill is shared.
Running the command executes remote code on the user's machine.
This is a user-directed setup workaround, not evidence of automatic execution, but piping a remote script into a shell is a sensitive install pattern.
curl -fsSL https://raw.githubusercontent.com/jacob-bd/universal-skills-manager/main/install.sh | sh -s -- --tools claude
Download and inspect the script first, verify the repository and commit, and avoid piping remote code directly into a shell.