Search, download, create, evaluate, and analyze reusable agent skills via SkillNet. Use when: (1) Before any multi-step task — search SkillNet for existing s...
Security Analysis
high confidenceThe skill's actions, scripts, and runtime instructions are coherent with its stated purpose (search/download/create/evaluate skills) — it requires an LLM API key for creation/evaluation and uses a Python SDK (skillnet-ai) installed via pip/pipx; nothing in the package indicates hidden exfiltration or functionality unrelated to SkillNet.
Name/description match the included scripts and docs. The code and SKILL.md implement searching, downloading GitHub-hosted skills, creating skills by sending repo/docs/trajectories to an LLM, evaluating, and analyzing a local skill directory — all consistent with the stated purpose. Optional GITHUB_TOKEN and BASE_URL are explained and relevant.
Runtime instructions are generally scoped: searches are public and do not require keys, downloads are limited to GitHub URLs, and the SKILL.md explicitly requires user confirmation before downloading/reading/executing downloaded content. However, the create/evaluate/analyze flows send local repo/document text to the configured LLM endpoint (API_KEY / BASE_URL). The docs warn about sending sensitive documents but this is an important privacy consideration the user must accept before use.
No built-in installer in the registry, but SKILL.md and scripts recommend installing 'skillnet-ai' via pipx or pip. The provided install script only invokes pipx/pip (no arbitrary URL downloads or extracted archives). Risk depends on the origin and trustworthiness of the 'skillnet-ai' package on PyPI — installing third-party packages always carries moderate risk and should be validated.
The SKILL.md and scripts require an API_KEY for create/evaluate/analyze (used to call the configured LLM endpoint) and optionally accept BASE_URL and GITHUB_TOKEN. This is proportional to the functionality. However, the registry metadata at the top lists "Required env vars: none" while also declaring a primaryEnv of API_KEY — a metadata inconsistency that should be clarified before trusting automated flows which may prompt for credentials. Ensure you understand where your API_KEY will be used (the docs claim it is used only for the LLM endpoint and not forwarded to SkillNet API).
The skill is user-invocable and not forced-always. It does not request persistent, system-wide privileges, nor does it modify other skills' configs. Created/downloaded skills are stored under the user's workspace (~/.openclaw/workspace/skills) and the SKILL.md emphasizes user confirmation before loading or executing content.
Guidance
This package appears internally consistent, but review these points before installing or providing credentials: - API key usage: The tool requires an LLM API_KEY for create/evaluate/analyze operations. That key will be used to talk to your configured BASE_URL (your LLM). If you must process sensitive documents, prefer a local LLM endpoint (set BASE_URL to a local URL) or do not provide the key. - Verify the SDK: The installer will install the 'skillnet-ai' Python package via pip/pipx. Confirm the package's provenance (PyPI owner, source repo) before installing third-party packages. - GitHub token: Only provide GITHUB_TOKEN for private repo access. The tool claims it sends GITHUB_TOKEN only to api.github.com for repo access. - Download confirmation: The SKILL.md instructs the agent to always ask you before downloading or loading a skill; do not skip that review step. When downloading, inspect the skill folder (file listing and SKILL.md preview) before allowing the agent to read/execute scripts. - Metadata mismatch: Registry metadata claims "Required env vars: none" while the skill requires API_KEY for creation/evaluation. Clarify this inconsistency — treat API_KEY as required for create/evaluate/analyze. - Least privilege: Use a minimal-scope API key if possible, and consider rotating it after use. If you must send potentially sensitive documents, prefer an air-gapped/local LLM (set BASE_URL) instead of a public LLM. If you want, I can: (1) show how to inspect the 'skillnet-ai' PyPI package/repo before installing, (2) generate commands to install the SDK into an isolated venv, or (3) point out exactly where in your environment the created skills will be stored and how to audit them.
Latest Release
v1.0.6
Hardened inherent capability risks flagged by OpenClaw safety review: added download source restrictions, precise data flow transparency, sensitive data warnings, third-party skill isolation policies, and prompt injection defenses — while preserving all original functionality.
Popular Skills
Published by @Icarus-Chen on ClawHub
