Security vetting protocol before installing any AI agent skill. Red flag detection for credential theft, obfuscated code, exfiltration. Risk classification L...
Security Analysis
High confidence: The skill is an instruction-only vetting checklist that asks for reasonable tooling (curl, jq) and limits its actions to reading and reporting on skill files; its requirements and instructions align with its stated purpose.
Name, description, and runtime instructions align: this is a vetting/checklist skill and it only requires curl and jq to perform GitHub/HTTP checks and JSON parsing. There are no unrelated credentials, binaries, or config paths requested.
SKILL.md explicitly instructs the agent to download skill packages to a temporary directory and read all files for red flags, and it shows curl/jq commands for querying GitHub; these actions are within a vetter's scope. Recommendation: the skill should explicitly warn against executing any downloaded code (it currently shows read-only commands such as cat, but does not repeat the 'never run code' rule emphatically).
No install spec and no code files — instruction-only. This minimizes on-disk persistence and the attack surface. The use of curl/jq (declared) is proportionate and expected.
No environment variables, credentials, or config paths are requested. The declared requirements (curl, jq) are directly used by the quick-vet commands in SKILL.md and are proportionate to the purpose.
The always flag is false, and the skill does not request persistent presence or elevated privileges. Its instructions do not modify other skills' configs or ask for system-level changes.
Guidance
This skill is a sensible, instruction-only vetting checklist and appears internally consistent. Before relying on it:
1) manually review this SKILL.md (a vetter is a meta-tool, so it must itself be trusted);
2) never execute downloaded skill files; only read them;
3) treat its automated checks as advisory and perform manual code review for anything classified MEDIUM+ or HIGH;
4) if you plan to let an agent run this autonomously, require a human review step before installing any skill flagged as SAFE by the vetter.
If you want extra caution, inspect any referenced integrations (zero-trust-protocol, drift-guard), because they are mentioned but not described or required by this package.
Latest Release
v1.0.0
Initial public release of skill-vetter: easily vet skills for security risks before installation.
- Implements a structured protocol to detect red flags (e.g., credential theft, data exfiltration, obfuscated code).
- Provides clear risk classification: LOW, MEDIUM, HIGH, EXTREME.
- Generates standardized vetting reports to support safe decision-making.
- Includes a practical checklist for both automated and manual review.
- Supplies vetting report templates and quick commands for ClawHub/GitHub skills.
- Encourages thorough scrutiny of all untrusted or unknown skills before install.
Published by @yiyi-9 on ClawHub