Related Skill
PassAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill is coherent for discovering and installing related skills, but users should review any skill installs or updates it suggests.
This skill appears safe as an instruction-only helper for finding related skills. Before allowing it to run `npx skills add`, `update`, or `remove`, check that the command targets the exact skill you want and review that skill’s own permissions and provenance.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used without review, the agent could install, update, or remove skills, changing what capabilities are available in future sessions.
The skill grants the agent access to the `npx skills` command family. This is aligned with discovering and managing skills, but it includes commands that can modify the local skill set.
allowed-tools: Bash(npx skills *)
Only approve skill-management commands that match your request, and review the target skill before installing or updating it.
Newly installed skills may bring their own permissions, tools, dependencies, or data access patterns.
The documented workflow installs additional skills from a registry, including an option to install a broad bundle. This is the skill’s stated purpose, but it introduces downstream supply-chain and capability-expansion considerations.
npx skills add inference-sh/skills@ai-image-generation ... # Install the full platform skill with all 150+ apps
Review each related skill’s permissions and source before installation, especially broad bundles such as the full platform skill.