skill-vetter

Multi-scanner security gate. TRIGGER when: user mentions installing, adding, or reviewing a skill to Claude Code, OpenClaw, or any other AI agent. Detects malicious code, vulnerabilities, and suspicious patterns.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Install skill "skill-vetter" with this command: npx skills add app-incubator-xyz/skill-vetter/app-incubator-xyz-skill-vetter-skill-vetter

Skill Vetter

Security gate that runs multiple scanners against a skill before installation.

When to Use

Use before installing ANY skill to Claude Code, OpenClaw, or your other favorite AI agent — whether from ClawHub, GitHub, or any external source.

Ask the user: "Should I run skill-vetter on this before installing?" whenever they mention installing a new skill.

How to Run

Check dependencies first

bash {baseDir}/scripts/check-deps.sh

Fix any missing dependencies before proceeding.

Run the full scan

bash {baseDir}/scripts/vett.sh "<skill-name-or-path>"

The argument can be:

  • A ClawHub skill name: youtube-summarize
  • A GitHub URL: https://github.com/user/repo
  • A local path: /tmp/my-skill/

Interpret Results

Verdict   Meaning                     Action
BLOCKED   CRITICAL or HIGH findings   Do NOT install. Show findings.
REVIEW    Medium severity findings    Show findings, ask user to decide.
SAFE      All scanners passed         Proceed with installation.

After Verdict

Always show the user:

  1. Which scanners ran
  2. Which passed/failed
  3. Specific findings for anything flagged
  4. Your recommendation

Never install the skill automatically. Always confirm with the user after showing results.
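The "Interpret Results" table and the "After Verdict" checklist above describe an aggregation rule: the highest severity reported by any scanner decides the verdict, and the report must list every scanner, its pass/fail state, and the specific findings. The POSIX shell snippet below is an added example of that rule, not the skill's own vett.sh. The findings format it consumes (one line per scanner, `scanner|severity|message`, with severity NONE for a clean pass), the function names, and the sample findings are all constructed for this example; severities below MEDIUM are not in the page's table, so they are listed but do not change the verdict here.

```shell
#!/usr/bin/env sh
# Added example: aggregate per-scanner findings into the SKILL.md verdict
# (BLOCKED / REVIEW / SAFE). Not the skill's own vett.sh. The line format
# "scanner|severity|message" is an assumption made for this example.

# Rank a severity so the single highest one decides the verdict.
severity_rank() {
    case "$1" in
        CRITICAL) echo 4 ;;
        HIGH)     echo 3 ;;
        MEDIUM)   echo 2 ;;
        LOW)      echo 1 ;;   # not in the page's table; never changes the verdict
        *)        echo 0 ;;   # NONE or unknown: treated as a pass
    esac
}

# Read findings on stdin and print the verdict from the Interpret Results table.
compute_verdict() {
    max=0
    while IFS='|' read -r scanner severity message; do
        if [ -z "$scanner" ]; then continue; fi
        r=$(severity_rank "$severity")
        if [ "$r" -gt "$max" ]; then max=$r; fi
    done
    if [ "$max" -ge 3 ]; then echo BLOCKED      # CRITICAL or HIGH
    elif [ "$max" -eq 2 ]; then echo REVIEW     # MEDIUM
    else echo SAFE                              # nothing at MEDIUM or above
    fi
}

# One status line per scanner, in the style of the Example Output section.
scanner_status() {
    awk -F'|' '
        $2 == "CRITICAL" || $2 == "HIGH" { s = "FAIL (" $2 ": " $3 ")" }
        $2 == "MEDIUM"                   { s = "WARN (" $2 ": " $3 ")" }
        $2 != "CRITICAL" && $2 != "HIGH" && $2 != "MEDIUM" { s = "PASS" }
        { printf "%-18s %s\n", $1, s }'
}

# Count findings per severity for the "Reasons:" line, e.g. "1 HIGH, 1 MEDIUM".
summarize_reasons() {
    awk -F'|' '
        $2 == "CRITICAL" { c++ }
        $2 == "HIGH"     { h++ }
        $2 == "MEDIUM"   { m++ }
        END {
            out = ""
            if (c) out = out (out ? ", " : "") c " CRITICAL"
            if (h) out = out (out ? ", " : "") h " HIGH"
            if (m) out = out (out ? ", " : "") m " MEDIUM"
            print (out ? out : "none")
        }'
}

# Constructed sample findings mirroring the page's Example Output.
FINDINGS='aguara|NONE|
skill-analyzer|HIGH|prompt injection pattern in SKILL.md
secrets-scan|MEDIUM|base64 encoded string in scripts/run.sh
structure-check|NONE|'

# Print the report the "After Verdict" section asks for: every scanner,
# its pass/fail state, the verdict, and the reasons. Installation is left
# to the user, so this only reports and always returns 0.
report() {
    printf '%s\n' "$FINDINGS" | scanner_status
    verdict=$(printf '%s\n' "$FINDINGS" | compute_verdict)
    echo "VERDICT: $verdict"
    echo "Reasons: $(printf '%s\n' "$FINDINGS" | summarize_reasons)"
    return 0
}

report
```

Because the verdict is driven by the maximum severity rather than by a count, a single HIGH finding from one scanner blocks installation even when every other scanner passes, which is exactly what the Example Output shows.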

Scanners Used

Scanner          What It Checks
aguara           Prompt injection, obfuscation, suspicious LLM calls
skill-analyzer   Known malicious patterns, CVE database
secrets-scan     Hardcoded API keys, tokens, credentials
structure-check  Missing SKILL.md, malformed YAML, dangerous files

Example Output

════════════════════════════════════════════════════════════
SKILL VETTER — Security Scan: malicious-skill
Path: /tmp/skill-vetter-abc123/malicious-skill
════════════════════════════════════════════════════════════

[1/4] aguara............. ✅ PASS
[2/4] skill-analyzer..... ❌ FAIL (HIGH: prompt injection pattern)
[3/4] secrets-scan....... ⚠️  WARN (Medium: base64 encoded string)
[4/4] structure-check.... ✅ PASS

════════════════════════════════════════════════════════════
VERDICT: BLOCKED
Reasons: 1 HIGH, 1 MEDIUM
════════════════════════════════════════════════════════════

Do NOT install this skill. It contains:
- HIGH: Prompt injection in SKILL.md (line 47)
- MEDIUM: Base64 encoded string in scripts/run.sh (line 12)

Dependencies

  • aguara — Go-based prompt scanner
  • skill-analyzer — Cisco AI skill scanner (Python)
  • python3 — For additional checks
  • curl, jq — For API calls and JSON parsing

Run check-deps.sh to verify all tools are installed.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.