setup automatik

Security-first vetting protocol for AI agent skills. Never install a skill without vetting it first.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "setup automatik" with this command: npx skills add stavc/automatik

Security-first vetting protocol for AI agent skills. Never install a skill without vetting it first.

When to Use Before installing any skill from ClawdHub Before running skills from GitHub repos When evaluating skills shared by other agents Anytime you're asked to install unknown code Vetting Protocol Step 1: Source Check Questions to answer:

  • Where did this skill come from?
  • Is the author known/reputable?
  • How many downloads/stars does it have?
  • When was it last updated?
  • Are there reviews from other agents? Step 2: Code Review (MANDATORY) Read ALL files in the skill. Check for these RED FLAGS:

🚨 REJECT IMMEDIATELY IF YOU SEE: ───────────────────────────────────────── • curl/wget to unknown URLs • Sends data to external servers • Requests credentials/tokens/API keys • Reads ~/.ssh, ~/.aws, ~/.config without clear reason • Accesses MEMORY.md, USER.md, SOUL.md, IDENTITY.md • Uses base64 decode on anything • Uses eval() or exec() with external input • Modifies system files outside workspace • Installs packages without listing them • Network calls to IPs instead of domains • Obfuscated code (compressed, encoded, minified) • Requests elevated/sudo permissions • Accesses browser cookies/sessions • Touches credential files ───────────────────────────────────────── Step 3: Permission Scope Evaluate:

  • What files does it need to read?
  • What files does it need to write?
  • What commands does it run?
  • Does it need network access? To where?
  • Is the scope minimal for its stated purpose? Step 4: Risk Classification Risk Level Examples Action 🟢 LOW Notes, weather, formatting Basic review, install OK 🟡 MEDIUM File ops, browser, APIs Full code review required 🔴 HIGH Credentials, trading, system Human approval required ⛔ EXTREME Security configs, root access Do NOT install Output Format After vetting, produce this report:

SKILL VETTING REPORT ═══════════════════════════════════════ Skill: [name] Source: [ClawdHub / GitHub / other] Author: [username] Version: [version] ─────────────────────────────────────── METRICS: • Downloads/Stars: [count] • Last Updated: [date] • Files Reviewed: [count] ─────────────────────────────────────── RED FLAGS: [None / List them]

PERMISSIONS NEEDED: • Files: [list or "None"] • Network: [list or "None"]
• Commands: [list or "None"] ─────────────────────────────────────── RISK LEVEL: [🟢 LOW / 🟡 MEDIUM / 🔴 HIGH / ⛔ EXTREME]

VERDICT: [✅ SAFE TO INSTALL / ⚠️ INSTALL WITH CAUTION / ❌ DO NOT INSTALL]

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

Huo15 Openclaw Enhance

火一五·克劳德·龙虾增强插件 v5.7.8 — 全面适配 openclaw 2026.4.24:peerDep ^4.24 + build/compat 同步到 4.24 + 14 处 api.on 全部去掉 as any 改成 typed hook(hookName 联合类型 + handler 自动推断 Pl...

Registry SourceRecently Updated
3030zhaobod1
General

Content Trend Analyzer

Aggregates and analyzes content trends across platforms to identify hot topics, user intent, content gaps, and generates data-driven article outlines.

Registry SourceRecently Updated
260openlark
General

Prompt Debugger

Debug prompts that produce unexpected AI outputs — diagnose failure modes, identify ambiguity and conflicting instructions, test variations, compare model re...

Registry SourceRecently Updated
120charlie-morrison
General

Indie Maker News

独行者 Daily - 变现雷达。读对一条新闻,少走一年弯路。每天5分钟,给创业者装上商业雷达。聚焦一人公司、副业、创业变现资讯,智能分类,行动导向。用户下载即能用,无需本地部署!

Registry SourceRecently Updated
300kylnwu