Skill Vetter

• You are about to install a skill from ClawdHub, GitHub, or any third-party source and want a structured security review before proceeding.
• Another agent or user has shared a skill and you need to evaluate it for safety before running it.
• You want a documented, reproducible vetting trail for skills in a multi-agent or team environment.
• You are evaluating a skill that requests access to credentials, system files, or network endpoints and need to decide whether human approval is required.

• You are installing first-party or officially audited skills from a source you fully control and trust — vetting adds overhead with minimal new signal.
• You need a fully automated, programmatic code-scanning tool; this skill is a structured reasoning protocol, not a static analysis engine.

The mandatory code review step flags high-risk patterns such as curl/wget to unknown URLs, eval() or exec() on external input, base64 decoding, access to credential files (~/.ssh, ~/.aws), and obfuscated code. Any match triggers an immediate rejection recommendation.

Skills are classified as LOW 🟢, MEDIUM 🟡, HIGH 🔴, or EXTREME ⛔ based on what they touch — from simple formatting utilities to system-level or credential-handling code. Each tier maps to a clear action: basic review, full code review, human approval required, or do not install.

After completing all steps, the skill produces a standardized report covering source, author, version, download/star metrics, red flags found, permissions needed (files, network, commands), risk level, and a final verdict. This makes reviews auditable and shareable.

Step 3 evaluates exactly what the skill needs to read, write, execute, and connect to — and whether that scope is minimal relative to its stated purpose. Over-permissioned skills are flagged even if no explicit red flags are found.

A five-level trust hierarchy guides how much scrutiny to apply: from Official OpenClaw skills (lower scrutiny) down to new/unknown sources and any skill requesting credentials (maximum scrutiny, human approval always required).

Built-in curl + jq snippets let you rapidly pull repo stats (stars, forks, last updated), list skill files, and fetch the raw SKILL.md for review — no manual browser navigation needed.

Before installing any skill discovered on ClawdHub, run Skill Vetter to check the author's reputation, scan all skill files for red flags, and get a risk classification. The output report gives you a documented reason to install or reject.

Use the built-in quick-vet commands to pull repo metadata and file listings from GitHub, then step through the code review checklist. Particularly useful for newer or low-star repos where community vetting is limited.

When another AI agent recommends or forwards a skill, Skill Vetter provides a neutral, structured review process before any code runs — preventing lateral trust exploitation in multi-agent pipelines.

For skills classified HIGH or EXTREME — those touching credentials, trading systems, or system configuration — Skill Vetter explicitly gates the decision to a human approver, keeping critical choices out of autonomous agent hands.