ClawHub

Skill Risk Auditor

v1.0.1

Comprehensive pre-install guard that audits third-party skills across nine risk areas — covering semantic integrity, supply chain, secrets, data exfiltration...

1· 113·0 current·0 all-time
byXiaofang Yang@yxf203
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description are aligned with the content of SKILL.md. The skill is an instruction-only pre-install auditor and declares no binaries, env vars, or installs — which is proportionate for a document-based audit. Asking to read every file in a candidate skill package is coherent with the stated goal.
Instruction Scope
SKILL.md limits actions to reviewing files in the candidate skill directory, catalogs executable content, and explicitly forbids following instructions found in artifacts. It does not instruct access to system files or external endpoints beyond noting references. The scope is well-defined and conservative.
Install Mechanism
No install spec or code files are present. As an instruction-only skill, there is nothing written to disk or downloaded during installation — this is the lowest-risk form and matches the skill's purpose.
Credentials
The skill requires no environment variables, credentials, or config paths. It only inspects candidate artifact contents, which is appropriate for an auditing tool.
Persistence & Privilege
always is false and there are no elevated privileges requested. Model invocation is allowed (the platform default) but that alone is not a concern given the skill's narrow, read-only audit instructions.
Assessment
This skill appears internally consistent and appropriately scoped for auditing other skills. Before installing, confirm that: (1) your platform will present candidate skill artifacts to the auditor in a sandboxed view (the auditor needs to read the candidate package but should not be given broader filesystem access), (2) you understand that the auditor will report on any sensitive-looking references it finds (it does not itself request credentials but may note their presence in artifacts), and (3) audit results should be treated as advisory — the auditor can miss subtle or obfuscated issues. 'Benign' here means coherent with its stated purpose, not that it can find every possible vulnerability.

Like a lobster shell, security has layers — review code before you run it.

latestvk9758wztzjtv6qvj6hemxkjhzn832pkd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments