clawhub-skill-vetting

Vet ClawHub skills before installation. Use when the user asks about evaluating, auditing, or safely installing OpenClaw/ClawHub skills, or when a skill’s trustworthiness is in question.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "clawhub-skill-vetting" with this command: npx skills add hugomrtz/skill-vetting-clawhub/hugomrtz-skill-vetting-clawhub-clawhub-skill-vetting

ClawHub Skill Vetting

Overview

Apply a strict, security‑first vetting workflow before installing any ClawHub skill. Prioritize code review, permission scope, domain listing, and risk scoring.

Workflow

  1. Source check — author reputation, stars/downloads, last update, reviews.
  2. Code review (MANDATORY) — scan all files for exfiltration, secrets access, eval/exec, obfuscation.
  3. Permission scope — files, commands, network; confirm minimal scope.
  4. Recent activity — detect suspicious bursts.
  5. Community check — Discord/GitHub Discussions.
  6. Install safely — sandbox + inspect permissions.

Reference

Use references/vetting-guide.md for the full checklist, commands, red flags, confidence scoring, and report template.

Output expectations

  • Produce the SKILL VETTING REPORT format.
  • Provide a go/no‑go recommendation with reasons.
  • If unclear, recommend sandbox install only or reject.
  • Call out any red flags explicitly.
  • Include a confidence score and threshold.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Web Security Client-Side Scanner 1773654191

Perform a thorough client-side / browser-facing security assessment of a target web application. Use this skill whenever the user asks to pentest, audit, or...

Registry SourceRecently Updated
40enderphan94
Security

Cybersecurity & Hacking Events Trader

Trades Polymarket prediction markets on major cyberattacks, ransomware incidents, data breaches, zero-day exploits, and national cybersecurity legislation.

Registry SourceRecently Updated
40Profile unavailable
Security

Skill Reviewer

Use this skill to audit, review, or validate Claude Code skills (.md files in .claude/commands/). Invoke when user wants to check skill quality, cross-platfo...

Registry SourceRecently Updated
1700Profile unavailable
Security

Skill Guard

Skill Security Scanner - Scan for risks before download/use. Use when: installing unknown skills, evaluating third-party code, or security auditing. / Skill安...

Registry SourceRecently Updated
190Profile unavailable