skill-vetter

Multi-scanner security gate. TRIGGER when: user mentions installing, adding, or reviewing a skill to Claude Code, OpenClaw, or any other AI agent. Detects malicious code, vulnerabilities, and suspicious patterns.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Install skill "skill-vetter" with this command: npx skills add app-incubator-xyz/skill-vetter/app-incubator-xyz-skill-vetter-skill-vetter

Skill Vetter

Security gate that runs multiple scanners against a skill before installation.

When to Use

Use before installing ANY skill to Claude Code, OpenClaw, or your other favorite AI agent — whether from ClawHub, GitHub, or any external source.

Ask the user: "Should I run skill-vetter on this before installing?" whenever they mention installing a new skill.

How to Run

Check dependencies first

bash {baseDir}/scripts/check-deps.sh

Fix any missing dependencies before proceeding.

Run the full scan

bash {baseDir}/scripts/vett.sh "<skill-name-or-path>"

The argument can be:

  • A ClawHub skill name: youtube-summarize
  • A GitHub URL: https://github.com/user/repo
  • A local path: /tmp/my-skill/

Interpret Results

| Verdict | Meaning | Action |
|---------|---------|--------|
| BLOCKED | CRITICAL or HIGH findings | Do NOT install. Show findings. |
| REVIEW | Medium severity findings | Show findings, ask user to decide. |
| SAFE | All scanners passed | Proceed with installation. |

After Verdict

Always show the user:

  1. Which scanners ran
  2. Which passed/failed
  3. Specific findings for anything flagged
  4. Your recommendation

Never install the skill automatically. Always confirm with the user after showing results.

Scanners Used

| Scanner | What It Checks |
|---------|----------------|
| aguara | Prompt injection, obfuscation, suspicious LLM calls |
| skill-analyzer | Known malicious patterns, CVE database |
| secrets-scan | Hardcoded API keys, tokens, credentials |
| structure-check | Missing SKILL.md, malformed YAML, dangerous files |

Example Output

════════════════════════════════════════════════════════════
SKILL VETTER — Security Scan: malicious-skill
Path: /tmp/skill-vetter-abc123/malicious-skill
════════════════════════════════════════════════════════════

[1/4] aguara............. ✅ PASS
[2/4] skill-analyzer..... ❌ FAIL (HIGH: prompt injection pattern)
[3/4] secrets-scan....... ⚠️  WARN (Medium: base64 encoded string)
[4/4] structure-check.... ✅ PASS

════════════════════════════════════════════════════════════
VERDICT: BLOCKED
Reasons: 1 HIGH, 1 MEDIUM
════════════════════════════════════════════════════════════

Do NOT install this skill. It contains:
- HIGH: Prompt injection in SKILL.md (line 47)
- MEDIUM: Base64 encoded string in scripts/run.sh (line 12)
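
The verdict rules from Interpret Results, applied to a report in the Example Output format, as an added example (not code from skill-vetter itself). The line format is inferred only from the sample above; treating a missing scanner result, or a non-PASS line with no stated severity, as not SAFE is an assumption.

```python
import re

# Constructed sample: the four scanner lines from the example report above.
SAMPLE = """\
[1/4] aguara............. ✅ PASS
[2/4] skill-analyzer..... ❌ FAIL (HIGH: prompt injection pattern)
[3/4] secrets-scan....... ⚠️  WARN (Medium: base64 encoded string)
[4/4] structure-check.... ✅ PASS
"""

# "[i/n] scanner-name.... <icon> STATUS (SEVERITY: detail)"; icon and parenthetical optional.
LINE = re.compile(
    r"^\[(\d+)/(\d+)\]\s+([\w-]+)\.+\s+(?:\S+\s+)?(PASS|FAIL|WARN)"
    r"(?:\s+\((\w+):\s*(.*)\))?\s*$"
)
BLOCKING = {"CRITICAL", "HIGH"}


def verdict(report):
    """Return (verdict, reasons) per the Interpret Results table, failing closed."""
    seen, expected, findings = set(), 0, []
    for raw in report.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # banner, separator, or free-text line
        idx, total, name, status, severity, detail = m.groups()
        seen.add(int(idx))
        expected = max(expected, int(total))
        if status != "PASS":
            # Assumption: a non-PASS line with no stated severity counts as HIGH.
            findings.append(((severity or "HIGH").upper(), name, detail or status))
    reasons = [f"{sev}: {name}: {detail}" for sev, name, detail in findings]
    # Assumption: a scanner that never reported has not passed, so SAFE is ruled out.
    missing = sorted(set(range(1, expected + 1)) - seen)
    if missing or not seen:
        reasons.append(f"no result from scanner(s) {missing or 'any'}")
    if any(sev in BLOCKING for sev, _, _ in findings):
        return "BLOCKED", reasons
    return ("REVIEW" if reasons else "SAFE"), reasons


if __name__ == "__main__":
    print(verdict(SAMPLE))
```

A truncated or empty report yields REVIEW rather than SAFE, so a scanner that crashed or was skipped cannot silently clear a skill for installation.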

Dependencies

  • aguara — Go-based prompt scanner
  • skill-analyzer — Cisco AI skill scanner (Python)
  • python3 — For additional checks
  • curl, jq — For API calls and JSON parsing

Run check-deps.sh to verify all tools are installed.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
