clawhub-skill-vetting

Vet ClawHub skills before installation. Use when the user asks about evaluating, auditing, or safely installing OpenClaw/ClawHub skills, or when a skill’s trustworthiness is in question.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "clawhub-skill-vetting" with this command: npx skills add hugomrtz/skill-vetting-clawhub/hugomrtz-skill-vetting-clawhub-clawhub-skill-vetting

ClawHub Skill Vetting

Overview

Apply a strict, security‑first vetting workflow before installing any ClawHub skill. Prioritize code review, permission scope, domain listing, and risk scoring.

Workflow

  1. Source check — author reputation, stars/downloads, last update, reviews.
  2. Code review (MANDATORY) — scan all files for exfiltration, secrets access, eval/exec, obfuscation.
  3. Permission scope — files, commands, network; confirm minimal scope.
  4. Recent activity — detect suspicious bursts.
  5. Community check — Discord/GitHub Discussions.
  6. Install safely — sandbox + inspect permissions.

Reference

Use references/vetting-guide.md for the full checklist, commands, red flags, confidence scoring, and report template.

Output expectations

  • Produce the SKILL VETTING REPORT format.
  • Provide a go/no‑go recommendation with reasons.
  • If unclear, recommend sandbox install only or reject.
  • Call out any red flags explicitly.
  • Include a confidence score and threshold.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Ring Security

Monitor and manage Ring doorbells and security cameras. Query device status, review motion events, manage modes, and export event history. Use when you need...

Registry SourceRecently Updated
1730bytesagain1
Security

Retirement Planner

退休规划工具。退休金计算、投资策略、社保养老金、投资组合、提取策略、缺口分析。Retirement planner with pension calculation, investment strategy, social security, portfolio, withdrawal strategy, gap...

Registry SourceRecently Updated
1690bytesagain
Security

Node Auto Debugger

Scan Node.js/Express/Next.js projects for bugs, security issues, and anti-patterns. Use when debugging a Node.js web app, running code audits, fixing client-...

Registry SourceRecently Updated
30jengajojo
Security

Shieldcortex

Persistent memory system with security for AI agents. Remembers decisions, preferences, architecture, and context across sessions with knowledge graphs, deca...

Registry SourceRecently Updated
6540Profile unavailable