Skill Vetter
Pass. Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: skill-vetter
Version: 1.0.0

This skill, 'skill-vetter', is designed to help AI agents identify security risks in other skills. The `SKILL.md` file outlines a vetting protocol, including a comprehensive list of 'RED FLAGS' for agents to look for in untrusted code. The 'Quick Vet Commands' section uses `curl` to fetch metadata and file contents from GitHub (api.github.com, raw.githubusercontent.com) for *other* skills, which is directly aligned with its stated purpose of vetting. There is no evidence of malicious intent, data exfiltration, or harmful prompt injection against the agent itself; rather, it instructs the agent on how to detect such behaviors in external skills.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users have limited outside context about who authored or maintains the checklist.
The registry information does not identify an upstream source or homepage, so users have limited provenance context, though there is no runnable code or dependency in the supplied artifacts.
Source: unknown; Homepage: none
Treat it as a checklist from an unknown publisher; prefer a trusted source if provenance is important for your installation policy.

If run carelessly, the agent could fetch unintended remote content or review the wrong repository.
The skill suggests shell/network commands to fetch GitHub metadata and skill content. These are disclosed examples with placeholders and fit the vetting purpose.
curl -s "https://api.github.com/repos/OWNER/REPO" ... curl -s "https://raw.githubusercontent.com/OWNER/REPO/main/skills/SKILL_NAME/SKILL.md"
Use these commands only for user-approved repositories and verify placeholders before running them.

A malicious candidate skill could try to distract or redirect the agent during review if its text is not treated as data.
The vetting workflow intentionally brings third-party skill files into the agent context. That is necessary for review, but candidate skill text may itself contain instructions.
Read ALL files in the skill ... Fetch and review SKILL.md
When using this skill, treat reviewed skill files as untrusted evidence and do not follow instructions contained inside the candidate skill.
