ClawHub

Skill Vetter v2

v0.0.5

Analyze any skill for safety before use. Preserve local judgment, classify risk clearly, and optionally verify the final report with SettlementWitness.

0· 2k·12 current·12 all-time
by@nutstrut
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (skill vetter) align with the included artifacts: README, SKILL.md, local scan helper script, reminder activator, hook that injects a reminder, report templates and checklists. No unrelated credentials, binaries, or install steps are requested.
Instruction Scope
SKILL.md and README instruct only local inspection of the target package, generating a structured report, and optionally verifying that report. The runtime instructions do not direct the agent to read secrets, exfiltrate files, or call external services. They explicitly warn not to send secrets or private repositories.
Install Mechanism
There is no install spec; the package is instruction-plus-small helpers. Scripts are local utilities (scan-skill.sh, activator.sh) and hooks are lightweight and advisory. There are no downloads or archive extracts or package installs declared.
Credentials
The skill requires no environment variables or credentials. SKILL.md mentions optional verification with a third party (SettlementWitness) — this is only a workflow note and no code implements network verification here. Before using any verification feature, confirm what minimal structured fields are sent and ensure no secrets or private code are transmitted.
Persistence & Privilege
always is false and the hook is advisory: it only injects a virtual reminder file into bootstrapFiles when the agent boots. The package does not modify other skills' configs or request persistent system-wide changes.
Assessment
This package appears to do what it says: local vetting helpers, templates, and an advisory hook. Before installing or using: (1) run the included scripts (bash scripts/scan-skill.sh) on the target skill directory yourself to verify outputs; (2) review the hook (hooks/openclaw/handler.[js|ts]) to confirm it only injects a reminder and does not alter state; (3) if you enable any optional verification with a third-party service (SettlementWitness or similar), confirm exactly which structured fields are transmitted and never send secrets, private keys, or full private repositories; (4) note the minor metadata mismatch (ownerId in _meta.json differs from registry owner) — benign but worth checking you have the intended package source.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d69w071bn90es6dsryh6aws83tneg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments