Skill Manager
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill matches its purpose, but it teaches installing third-party tools and skills that can persistently change the agent, so users should verify sources before running the examples.
Treat this as an installation guide, not something to run automatically. Before installing any recommended skill, verify the package or repository owner, inspect its SKILL.md and any setup scripts, and provide API keys only to skills you trust.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running these examples can install third-party code into the local environment or the agent's skill directory.
The guide documents installing external packages and cloning external repositories without pinning versions or commits. This is expected for a skill installation guide, but users should verify provenance.
npm install -g @vercel/skills ... npm install -g clawdhub ... git clone https://github.com/<owner>/<skill-repo>.git
Use trusted package names and repositories, prefer pinned versions or commits where possible, and inspect each skill before installing it.
If run, package-manager commands may execute installer code from the selected package or dependency chain.
npx and npm-based installation workflows may execute package code. In this artifact they are shown as user-directed setup examples and are aligned with the skill's purpose.
npx clawdhub install <owner>/<skill-name>
Run these commands only when you intend to install the named tool or skill, and review the package source and permissions first.
Newly installed skills may affect future agent behavior until removed.
The guide shows skills being installed into the persistent OpenClaw skills directory. This persistence is expected for skill installation, but it means new capabilities remain available after the current task.
~/.openclaw/workspace/skills/
Install only skills you need, review their instructions and setup scripts, and remove unused or untrusted skills.