Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
SKILL.md
text/markdown · 4561 字节
skill-card.md
text/markdown · 2121 字节
Security Scan
状态
clean
OpenClaw
gpt-5.5
OpenClaw 分析
This is a non-executable checklist for reviewing other skills, with only disclosed, purpose-aligned GitHub fetch examples.
置信度: high
VirusTotal
Type: OpenClaw Skill Name: skill-vetter Version: 1.0.0 This skill, 'skill-vetter', is designed to help AI agents identify security risks in other skills. The `SKILL.md` file outlines a vetting protocol, including a comprehensive list of 'RED FLAGS' for agents to look for in untrusted code. The 'Quick Vet Commands' section uses `curl` to fetch metadata and file contents from GitHub (api.github.com, raw.githubusercontent.com) for *other* skills, which is directly aligned with its stated purpose of vetting. There is no evidence of malicious intent, data exfiltration, or harmful prompt injection against the agent itself; rather, it instructs the agent on how to detect such behaviors in external skills.