Skills Audit
Advisory
Audited by VirusTotal on Apr 6, 2026.
Overview
Type: OpenClaw Skill
Name: skills-audit
Version: 1.5.3

The bundle is a legitimate security auditing and monitoring tool for OpenClaw skills. It implements static analysis, git-based version tracking, and risk scoring using local rules and an optional, opt-in remote threat intelligence API (QianXin SafeSkill) that only transmits bundle hashes. The Python scripts (`skills_audit.py`, `skills_watch_and_notify.py`) are well-structured, use standard libraries, and perform actions consistent with the stated purpose of auditing. Crucially, the `SKILL.md` instructions contain defensive guidelines for the AI agent, explicitly prohibiting the automatic creation of cron jobs and mandating that the agent provide safe summaries of code changes rather than exfiltrating raw diffs to external channels.
