From sundial-org-awesome-openclaw-skills-4
Vets AI agent skills for security risks before installation from ClawdHub, GitHub, or other sources. Checks source reputation, code for red flags like external calls or credential access, permissions, and classifies risk levels.
npx claudepluginhub joshuarweaver/cascade-ai-ml-agents-misc-2 --plugin sundial-org-awesome-openclaw-skills-4This skill uses the workspace's default tool permissions.
Security-first vetting protocol for AI agent skills. **Never install a skill without vetting it first.**
Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.
Guides building MCP servers enabling LLMs to interact with external services via tools. Covers best practices, TypeScript/Node (MCP SDK), Python (FastMCP).
Generates original PNG/PDF visual art via design philosophy manifestos for posters, graphics, and static designs on user request.
Security-first vetting protocol for AI agent skills. Never install a skill without vetting it first.
Questions to answer:
- [ ] Where did this skill come from?
- [ ] Is the author known/reputable?
- [ ] How many downloads/stars does it have?
- [ ] When was it last updated?
- [ ] Are there reviews from other agents?
Read ALL files in the skill. Check for these RED FLAGS:
๐จ REJECT IMMEDIATELY IF YOU SEE:
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โข curl/wget to unknown URLs
โข Sends data to external servers
โข Requests credentials/tokens/API keys
โข Reads ~/.ssh, ~/.aws, ~/.config without clear reason
โข Accesses MEMORY.md, USER.md, SOUL.md, IDENTITY.md
โข Uses base64 decode on anything
โข Uses eval() or exec() with external input
โข Modifies system files outside workspace
โข Installs packages without listing them
โข Network calls to IPs instead of domains
โข Obfuscated code (compressed, encoded, minified)
โข Requests elevated/sudo permissions
โข Accesses browser cookies/sessions
โข Touches credential files
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Evaluate:
- [ ] What files does it need to read?
- [ ] What files does it need to write?
- [ ] What commands does it run?
- [ ] Does it need network access? To where?
- [ ] Is the scope minimal for its stated purpose?
| Risk Level | Examples | Action |
|---|---|---|
| ๐ข LOW | Notes, weather, formatting | Basic review, install OK |
| ๐ก MEDIUM | File ops, browser, APIs | Full code review required |
| ๐ด HIGH | Credentials, trading, system | Human approval required |
| โ EXTREME | Security configs, root access | Do NOT install |
After vetting, produce this report:
SKILL VETTING REPORT
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Skill: [name]
Source: [ClawdHub / GitHub / other]
Author: [username]
Version: [version]
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
METRICS:
โข Downloads/Stars: [count]
โข Last Updated: [date]
โข Files Reviewed: [count]
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
RED FLAGS: [None / List them]
PERMISSIONS NEEDED:
โข Files: [list or "None"]
โข Network: [list or "None"]
โข Commands: [list or "None"]
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
RISK LEVEL: [๐ข LOW / ๐ก MEDIUM / ๐ด HIGH / โ EXTREME]
VERDICT: [โ
SAFE TO INSTALL / โ ๏ธ INSTALL WITH CAUTION / โ DO NOT INSTALL]
NOTES: [Any observations]
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
For GitHub-hosted skills:
# Check repo stats
curl -s "https://api.github.com/repos/OWNER/REPO" | jq '{stars: .stargazers_count, forks: .forks_count, updated: .updated_at}'
# List skill files
curl -s "https://api.github.com/repos/OWNER/REPO/contents/skills/SKILL_NAME" | jq '.[].name'
# Fetch and review SKILL.md
curl -s "https://raw.githubusercontent.com/OWNER/REPO/main/skills/SKILL_NAME/SKILL.md"
Paranoia is a feature. ๐๐ฆ