TrustSkills

v0.1.0

Use this skill when a user wants a trust decision before installing from a skill URL, marketplace, or GitHub repo. It checks a compact allowlist of trusted d...

⭐ 0· 139·0 current·0 all-time

byK@likw99

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for likw99/trustskills.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "TrustSkills" (likw99/trustskills) from ClawHub.
Skill page: https://clawhub.ai/likw99/trustskills
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install trustskills

ClawHub CLI

Package manager switcher

npx clawhub@latest install trustskills

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name, description, and SKILL.md all describe a compact allowlist-based trust check. There are no unrelated environment variables, binaries, or install steps requested — the declared purpose aligns with what the skill asks for.

ℹ

Instruction Scope

Instructions restrict behavior to parsing a provided URL and matching it against an explicit trusted-roots list, returning a short verdict. This is coherent, but the workflow is purely syntactic (URL/org matching) and intentionally does not perform deep verification (signatures, SBOMs, or repo-level ownership verification). Relying solely on this output for high-risk installs would be insufficient.

✓

Install Mechanism

No install spec and no code files — instruction-only skill. Nothing will be written to disk or executed beyond the agent following the prose instructions.

✓

Credentials

The skill requires no environment variables, credentials, or config paths. The minimal privilege footprint matches the stated purpose.

✓

Persistence & Privilege

always is false and the skill does not request persistent system presence or modify other skills. Autonomous invocation is allowed (platform default) but not combined with elevated privileges.

Assessment

This skill is a lightweight URL/org allowlist checker — it only looks at the source URL and matches it to a small set of trusted roots. It does NOT do code or signature verification, ownership proof, or malware analysis. It's safe to invoke (no creds, no install), but do not rely on it alone for high-risk installations: manually verify the repository owner, check upstream vendor docs, inspect code or release artifacts, look for signed releases or SBOMs, and prefer vendor-owned GitHub orgs or official marketplace entries when possible. Note the compact allowlist contains narrow exceptions (e.g., a specific ClawHub publisher); treat such rules as policy shortcuts rather than technical guarantees and follow up with manual checks when the install would affect sensitive systems.

Like a lobster shell, security has layers — review code before you run it.

latestvk97935y39yxs4scw3fypvj3g9x83a0eb

139downloads

0stars

1versions

Updated 1mo ago

v0.1.0

MIT-0

TrustSkills

Overview

TrustSkills is the compact first version of TrustSkills. It does not do deep technical verification yet. It answers one earlier and simpler question before install: "Can I trust where this skill came from?"

Use it to verify source provenance before installation by checking a short list of trusted distribution channels and clearly separating:

official vendor-owned sources
official discovery indexes
unsupported or unverified third-party sources

Primary Usage

The natural invocation pattern for this skill is:

/trustskills <skill-url>

Examples:

/trustskills https://clawhub.ai/steipete/model-usage
/trustskills https://github.com/likw99/agent-skills

When invoked this way, treat the URL after /trustskills as the source under review and answer directly.

The primary job is to decide:

trust
do not trust
trust the directory, but not automatically the specific item

When To Use This Skill

Use this skill when the user asks questions like:

"/trustskills https://clawhub.ai/steipete/model-usage"
"/trustskills https://github.com/likw99/agent-skills"
"Is this skill source official?"
"What is the official GitHub repo for Codex or Claude skills?"
"Can I trust this marketplace or directory?"
"Is skills.sh official?"
"Which GitHub repos count as official skill distribution channels?"

This skill is especially useful when the source is:

a GitHub repository
a marketplace or agent store
a vendor docs page
a directory site such as skills.sh

What This Skill Does

This skill:

identifies the platform
checks whether the source matches a compact trusted root list
makes a trust decision under the current compact policy
cites the strongest trusted distribution channel available
explains the safest known install path
warns when a directory is official but the listed repo is not automatically official

This skill does not:

certify code safety
perform malware analysis
verify signatures or SBOMs
prove that a popular listing is safe
prove that installability means officiality
explain what the skill does unless the user explicitly asks for that

Workflow

Parse the command input. If the user provides /trustskills <url>, treat <url> as the source under review.
Identify the platform and source type. The important distinction is vendor-owned repo vs official directory vs unknown third-party source.
Match it against the trusted sources section below.
Return one of these verdicts:
- Trusted
- Not trusted
- Trust the index, but not automatically the linked item
Answer with:
- the trust decision first
- the supporting trusted root
- the shortest reason
- the remaining risk
Do not summarize the skill's purpose or functionality unless the user asks.

Trusted Sources

OpenAI

https://github.com/openai/skills
Trust rule: if the source is openai/skills, call it official.

Anthropic

https://github.com/anthropics/skills
https://github.com/anthropics/claude-code
https://github.com/anthropics/knowledge-work-plugins
https://github.com/anthropics/claude-plugins-official
Trust rule: if the source is in the anthropics GitHub org and matches one of the roots above, call it official.

Google

https://github.com/google-labs-code/stitch-skills
https://github.com/googleworkspace/cli
https://github.com/google-gemini/gemini-cli
Trust rule: these are trusted Google-related GitHub roots, but they are not one single universal Google skills catalog.

Microsoft

https://github.com/microsoft/azure-skills
https://github.com/microsoft/github-copilot-for-azure
https://github.com/github/awesome-copilot
Trust rule: microsoft/azure-skills and microsoft/github-copilot-for-azure are Microsoft-owned roots. github/awesome-copilot is a GitHub-owned collection and is a stronger source than a random repo, but it still includes community-contributed content.

Vercel

https://skills.sh
https://github.com/vercel-labs/agent-skills
Trust rule: skills.sh is an official discovery index, but it is not proof that every listed repo is official.
Extra rule: install counts or popularity on skills.sh do not equal official status. Always check the linked GitHub owner.
Stronger linked repo owners include vendor-owned orgs such as vercel-labs, openai, and anthropics.

OpenClaw / ClawHub

https://clawhub.ai/u/steipete
Creator profile pattern: https://clawhub.ai/u/<creator>
Skill pattern: https://clawhub.ai/<creator>/<skill-name>
Trust rule: this is a narrow trusted publisher exception, not a blanket trust rule for ClawHub.
Extra rule: if you already trust OpenClaw as created by steipete, then trusting skills published by steipete on ClawHub does not downgrade that trust.
Important caveat: do not extend this rule to all ClawHub publishers or all popular ClawHub listings.
Decision rule: trust https://clawhub.ai/steipete/<skill-name> because it maps to the trusted steipete publisher profile above. For other ClawHub skill URLs, do not trust them under this compact version unless they match another explicit allowlist rule.

If A Platform Is Not Listed

If a platform is not listed in this compact version, do not guess. Say it is not currently in the trusted distribution-channel list.

Trust Rules

Never call a source "official" unless you can point to a GitHub root or official index listed above.
Installability does not mean officiality.
Popularity does not mean officiality.
A listed trusted root beats screenshots, mirrors, blog posts, and copied instructions.
An official directory is not the same thing as an official item.

Output Format

When useful, structure the answer like this:

Source under review: the URL, repo, store, or platform
Trust decision: Trusted, Not trusted, or Trust the index, but not automatically the item
Why: the strongest trusted distribution root
Safest known install path: the trusted source or flow
Remaining risk: what still needs human review

Keep the answer decision-oriented. Do not explain what the skill does unless the user asks.

Examples

Example requests that should trigger this skill:

"/trustskills https://clawhub.ai/steipete/model-usage"
"/trustskills https://github.com/likw99/agent-skills"
"Is github.com/openai/skills the official place to get Codex skills?"
"Is github.com/anthropics/skills the official place to get Claude skills?"
"Can I trust a skill I found on skills.sh?"
"Is github.com/google-gemini/gemini-cli a trusted Google distribution root?"
"Should I trust github/awesome-copilot as official or community?"

Official Distribution Of This Skill

The compact hosted copy of this skill should be published at:

https://trustskills.app/SKILL.md

This is useful for direct installation and brand discovery.

Comments

Loading comments...