Landingdang Skill Vetter 1 0 0
v1.0.2
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the content: SKILL.md is a vetting checklist that tells an agent how to review other skills. There are no declared env vars, binaries, or install steps that don't belong to a vetter.
Instruction Scope
Instructions legitimately ask the agent to read all files of the target skill and to use GitHub API/raw URLs to inspect repos. This grants broad read access to a skill's files (which is necessary for vetting). Be aware the quick-commands include remote fetches (curl) — fetching raw files is expected for vetting but the agent should not execute fetched code.
Install Mechanism
No install spec and no code files are included. Instruction-only skills present low install risk because nothing is written to disk by an installer.
Credentials
The skill declares no environment variables, credentials, or config paths. The SKILL.md warns against reading ~/.ssh, ~/.aws, etc., rather than instructing the agent to access them.
Persistence & Privilege
always is false and there are no configuration writes. disable-model-invocation is false (agent may call it autonomously) which is reasonable for a vetter; this autonomy is not combined with elevated privileges or extra credentials.
Assessment
This skill is a coherent, safe-to-read vetting checklist, but remember: (1) the vetter's commands include curl/raw GitHub fetches—do not automatically execute any fetched code; fetch only to inspect content. (2) When the vetter asks to 'read ALL files' it legitimately needs read access to the target skill's files — limit that access to the skill workspace, not system dirs. (3) For high-risk targets (credentials, installer scripts, packages), always require a human code review before installing. (4) If you want stricter safety, prevent autonomous invocation or run the vetter in a sandboxed environment and review its output manually.
Like a lobster shell, security has layers — review code before you run it.
