clawhub-skill-vetting
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or obfuscation detected. The skill's primary function is to serve as a security utility for auditing external content.\n- [COMMAND_EXECUTION]: Utilizes standard system utilities like git, find, and grep to inspect the file structure and content of external repositories for security analysis.\n- [EXTERNAL_DOWNLOADS]: Fetches repository metadata and raw file content from well-known and trusted domains (GitHub API and GitHub User Content) to perform verification steps.\n- [PROMPT_INJECTION]: The skill defines a workflow that ingests untrusted code and instructions from external repositories, creating a surface for indirect prompt injection.\n
- Ingestion points: External skill files and repositories fetched via git and curl as defined in references/vetting-guide.md.\n
- Boundary markers: The instructions do not specify the use of delimiters or specific isolation prompts when the agent reads the audited content.\n
- Capability inventory: File system discovery (find), pattern searching (grep), network fetching (curl), repository cloning (git), and skill management (openclaw).\n
- Sanitization: No content filtering or sanitization of the audited files is performed prior to agent analysis.
Audit Metadata