My Find Skills

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Note (High Confidence)
ASI01: Agent Goal Hijack
What this means

The agent may prioritize this workflow whenever you ask about finding or installing skills.

Why it was flagged

The skill strongly influences when the agent should invoke it, but the trigger is limited to skill discovery and installation requests.

Skill content

This skill is highest-priority for skill discovery/install intents.

Recommendation

Use it for skill discovery, but make sure the agent does not treat it as relevant to unrelated tasks.

What this means

If approved, the agent can run installer commands that add new skills to the environment.

Why it was flagged

Installing a skill is a high-impact action because it can change the agent's available behavior, but the artifact frames installation as user-approved and asks for a summary before install.

Skill content

If the user wants to proceed, you can install the skill for them.

Recommendation

Confirm the skill name, source, version, and risk signals before allowing installation.

What this means

A wrong or untrusted registry result could install an unwanted skill.

Why it was flagged

The skill installs other skills from external registries by slug. That is central to the purpose, but it creates normal supply-chain risk if the source or package identity is not verified.

Skill content

Try `skillhub install <slug>` when the result comes from `skillhub`. If no `skillhub` candidate exists, use `clawhub install <slug>`.

Recommendation

Prefer trusted sources, review the exact slug and version, and inspect notable risk signals before installing.