Skills
skills/maxmilneaus/installer-pack/skill-vetter

skill-vetter

SKILL.md

Skill Vetter πŸ”’

Never install a skill without vetting it first.

When to Use

  • Before installing any skill from ClawHub, GitHub, or external sources
  • When evaluating skills shared by other agents

Step 1: Source Check

  • Where did it come from?
  • Author known/reputable?
  • Downloads/stars?
  • Last updated?

Step 2: Code Review (MANDATORY)

Read ALL files. Reject immediately if you see:

🚨 REJECT:
β€’ curl/wget to unknown URLs
β€’ Sends data to external servers
β€’ Requests credentials/tokens/API keys
β€’ Reads ~/.ssh, ~/.aws, ~/.config without reason
β€’ Accesses MEMORY.md, USER.md, SOUL.md, IDENTITY.md
β€’ base64 decode
β€’ eval()/exec() with external input
β€’ Modifies system files outside workspace
β€’ Installs unlisted packages
β€’ Network calls to IPs instead of domains
β€’ Obfuscated/minified code
β€’ Requests sudo
β€’ Accesses browser cookies/sessions
β€’ Touches credential files

Step 3: Permission Scope

  • Files read/written?
  • Commands run?
  • Network access? To where?
  • Scope minimal for stated purpose?

Step 4: Risk Classification

Level Examples Action
🟒 LOW Notes, weather, formatting Basic review, install OK
🟑 MEDIUM File ops, browser, APIs Full code review
πŸ”΄ HIGH Credentials, trading, system Human approval required
β›” EXTREME Security configs, root Do NOT install

Output

SKILL VETTING REPORT
═══════════════════════
Skill: [name] | Source: [origin] | Author: [name] | Version: [ver]
Metrics: [downloads/stars] | Updated: [date] | Files: [count]
Red Flags: [None / list]
Permissions: Files: [list] | Network: [list] | Commands: [list]
Risk: [🟒/🟑/πŸ”΄/β›”]
Verdict: [βœ… SAFE / ⚠️ CAUTION / ❌ DO NOT INSTALL]
Notes: [observations]
═══════════════════════

Quick Vet (GitHub)

curl -s "https://api.github.com/repos/OWNER/REPO" | jq '{stars: .stargazers_count, forks: .forks_count, updated: .updated_at}'
curl -s "https://api.github.com/repos/OWNER/REPO/contents/skills/SKILL_NAME" | jq '.[].name'

Trust Hierarchy

  1. Official OpenClaw β†’ lower scrutiny (still review)
  2. High-star repos (1000+) β†’ moderate
  3. Known authors β†’ moderate
  4. Unknown sources β†’ maximum
  5. Requesting credentials β†’ human approval always

Completion Checklist

  • Source checked
  • All files read, red flags checked
  • Permission scope assessed
  • Risk level assigned
  • Verdict delivered

Unchecked = not done.

Paranoia is a feature. πŸ”’πŸ¦€

Credits

Originally by adamb0mbNZ β€” ClawHub.

Weekly Installs
30
Repository
maxmilneaus/ins…ler-pack
First Seen
11 days ago
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykWarn
Installed on
gemini-cli30
github-copilot30
amp30
cline30
codex30
kimi-cli30