Find Skills 0.1.0
Pass. Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: find-skills-0-1-0
Version: 1.0.0

This skill is classified as suspicious because of an inherently high-risk capability: SKILL.md instructs the agent to run `npx skills add <owner/repo@skill> -g -y`. That command installs third-party code into the user's global (user-level) skill set with no confirmation prompt, which is a supply-chain risk. The skill's stated purpose (finding and installing skills) is benign, but the mechanism gives an attacker a direct path to code execution through the agent: either by publishing a malicious skill that the agent resolves and installs, or by using prompt injection to trick the agent into installing one.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user approves installation too quickly, a third-party skill could be installed globally without the CLI asking for another confirmation.
The command is purpose-aligned, but it gives the agent a path to modify the user's installed skill set globally and, once the user has approved, to bypass the CLI's own confirmation prompts.
From SKILL.md:

If the user wants to proceed, you can install the skill for them:

```bash
npx skills add <owner/repo@skill> -g -y
```

The `-g` flag installs globally (user-level) and `-y` skips confirmation prompts.
Ask the user for explicit approval before installation, show the exact package name and source, and consider omitting `-y` so the user also sees the CLI's own confirmation prompt.
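The recommendation above (show the exact source, require explicit approval, drop `-y`) as a shell wrapper. This is an added example, not code from the ClawScan report or from the find-skills skill, and it assumes only what the report shows: the `<owner/repo@skill>` identifier form, and that `npx skills add` accepts `-g` (global, user-level) and `-y` (skip confirmation). The identifier character set, the function names `validate_skill_spec`, `build_install_cmd` and `install_skill_with_approval`, and the literal "yes" prompt are choices made here, not behaviour of the skills CLI.

```shell
#!/usr/bin/env bash
# Added example: a guarded replacement for the bare
#   npx skills add <owner/repo@skill> -g -y
# that SKILL.md tells the agent to run. Assumptions (not from the report):
# the identifier charset below and the function names.
set -eu

# Accept only owner/repo@skill built from [A-Za-z0-9_.-] with no leading '-'.
# This rejects shell metacharacters, whitespace, newlines, extra '/' or '@',
# and option-looking strings such as "--help" before anything reaches npx.
validate_skill_spec() {
    local spec="$1"
    local re='^[A-Za-z0-9_.][A-Za-z0-9_.-]*/[A-Za-z0-9_.][A-Za-z0-9_.-]*@[A-Za-z0-9_.][A-Za-z0-9_.-]*$'
    [[ $spec =~ $re ]]
}

# Print the exact command that would run, for display and logging.
# -y is deliberately never added, so the skills CLI can still show its own
# confirmation prompt. SCOPE is "global" (adds -g) or "local" (no -g).
build_install_cmd() {
    local spec="$1" scope="${2:-global}"
    validate_skill_spec "$spec" || {
        echo "refusing malformed skill spec: $spec" >&2
        return 1
    }
    case "$scope" in
        global) printf 'npx skills add %s -g\n' "$spec" ;;
        local)  printf 'npx skills add %s\n' "$spec" ;;
        *)      echo "unknown scope: $scope" >&2; return 1 ;;
    esac
}

# Interactive path: show the user the skill name, the source repository and
# the literal command, require a typed "yes", then execute without -y.
# The validated spec is passed as a single argv element, never via eval.
install_skill_with_approval() {
    local spec="$1" scope="${2:-global}" cmd owner repo skill answer
    cmd=$(build_install_cmd "$spec" "$scope") || return 1
    owner=${spec%%/*}
    repo=${spec#*/}; repo=${repo%%@*}
    skill=${spec##*@}
    printf 'Skill:   %s\n' "$skill"
    printf 'Source:  %s/%s\n' "$owner" "$repo"
    printf 'Scope:   %s\n' "$scope"
    printf 'Command: %s\n' "$cmd"
    printf 'Type "yes" to install, anything else to abort: '
    read -r answer
    [ "$answer" = "yes" ] || { echo "aborted" >&2; return 1; }
    if [ "$scope" = global ]; then
        npx skills add "$spec" -g
    else
        npx skills add "$spec"
    fi
}

# Usage (interactive):
#   install_skill_with_approval octocat/hello-world@find-skills
#   install_skill_with_approval octocat/hello-world@find-skills local
```

The wrapper does two things the raw instruction does not: it refuses any identifier that is not strictly `owner/repo@skill`, so an injected string cannot smuggle extra arguments or shell syntax into the install step, and it separates "the user approved" from "skip the CLI's confirmation" by never passing `-y`.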

The quality and safety of any installed skill depends on the external source selected by the user and agent.
Installing skills from external repositories is central to the stated purpose, but it carries the usual third-party provenance risk: the installed code is whatever the selected repository publishes at install time.
`npx skills add <package>` - Install a skill from GitHub or other sources
Review the skill page, source repository, publisher, permissions, and installation instructions before installing.

Installed skills may remain available to the agent in future sessions.
Global installation is explicitly disclosed and purpose-aligned, but it makes persistent changes to the user's agent environment that outlive the session in which they were approved.
The `-g` flag installs globally (user-level)
Install globally only for skills you expect to use again, and periodically review or remove skills you no longer need.
