Skill Vetter 1 — 技能验证员 1

技能审查工具 🔒

Security-first vetting protocol for AI 代理 技能s. Never 安装 a 技能 without vetting it first.

When to Use Before 安装ing any 技能 from ClawdHub Before 运行ning 技能s from GitHub repos When evaluating 技能s 分享d by other 代理s Anytime you're asked to 安装 unknown code Vetting Protocol Step 1: Source 检查 Questions to answer:

• [ ] Where did this 技能 come from?
• [ ] Is the author known/reputable?
• [ ] How many 下载s/stars does it have?
• [ ] When was it last 更新d?
• [ ] Are there reviews from other 代理s?

Step 2: Code Review (MANDATORY)

Read ALL files in the 技能. 检查 for these RED FLAGS:

🚨 REJECT IMMEDIATELY IF YOU SEE: ───────────────────────────────────────── • curl/w获取 to unknown URLs • 发送s data to external servers • 请求s 凭证s/令牌s/API keys • Reads ~/.ssh, ~/.aws, ~/.config without clear reason • 访问es MEMORY.md, USER.md, SOUL.md, 身份.md • Uses base64 decode on anything • Uses eval() or exec() with external 输入 • Modifies 系统 files outside workspace • 安装s packages without 列出ing them • Network calls to IPs instead of domAIns • Obfuscated code (压缩ed, encoded, minified) • 请求s elevated/sudo 权限s • 访问es browser cookies/会话s • Touches 凭证 files ─────────────────────────────────────────

Step 3: 权限 Scope Evaluate:

• [ ] What files does it need to read?
• [ ] What files does it need to write?
• [ ] What commands does it 运行?
• [ ] Does it need network 访问? To where?
• [ ] Is the scope minimal for its 状态d purpose?

Step 4: Risk Classification Risk Level Examples Action 🟢 LOW Notes, weather, 格式化ting Basic review, 安装 OK 🟡 MEDIUM File ops, browser, APIs Full code review required 🔴 HIGH 凭证s, trading, 系统 Human 应用roval required ⛔ EXTREME Security configs, root 访问 Do NOT 安装 输出 格式化

After vetting, produce this 报告:

技能 VETTING 报告 ═══════════════════════════════════════ 技能: [name] Source: [ClawdHub / GitHub / other] Author: [username] Version: [version] ─────────────────────────────────────── 指标: • 下载s/Stars: [count] • Last 更新d: [date] • Files Reviewed: [count] ─────────────────────────────────────── RED FLAGS: [None / 列出 them]

权限S NEEDED: • Files: [列出 or "None"] • Network: [列出 or "None"] • Commands: [列出 or "None"] ─────────────────────────────────────── RISK LEVEL: [🟢 LOW / 🟡 MEDIUM / 🔴 HIGH / ⛔ EXTREME]

VERDICT: [✅ SAFE TO 安装 / ⚠️ 安装 WITH CAUTION / ❌ DO NOT 安装]

NOTES: [Any observations] ═══════════════════════════════════════

Quick Vet Commands

For GitHub-hosted 技能s:

# 检查 repo stats curl -s "https://API.github.com/repos/OWNER/REPO" | jq '{stars: .stargazers_count, forks: .forks_count, 更新d: .更新d_at}'

# 列出 技能 files curl -s "https://API.github.com/repos/OWNER/REPO/contents/技能s/技能_NAME" | jq '.[].name'

# Fetch and review 技能.md curl -s "https://raw.githubusercontent.com/OWNER/REPO/mAIn/技能s/技能_NAME/技能.md"

Trust Hierarchy Official OpenClaw 技能s → Lower scrutiny (still review) High-star repos (1000+) → Moderate scrutiny Known authors → Moderate scrutiny New/unknown sources → Maximum scrutiny 技能s 请求ing 凭证s → Human 应用roval always Remember No 技能 is worth compromising security When in doubt, don't 安装 Ask your human for high-risk decisions Document what you vet for future reference

Paranoia is a feature. 🔒🦀