skill-install_skill

This skill installs Claude skills from GitHub with automated security scanning and user-guided approval to ensure safe integration.
  • Go

2.1k

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill cexll/myclaude --skill skill-install

  • SKILL.md5.7 KB

Overview

This skill installs Claude skills from GitHub repositories with automated security scanning to protect against malicious code and unsafe behavior. It fetches available skills, scans their contents for risks, and installs approved skills into the local Claude skills directory. The process is interactive and conservative: warnings require user confirmation, and critical findings block installation.

How this skill works

The skill accepts a GitHub URL and enumerates a skills directory in the target repo. It downloads each selected skill's files, runs a structured security analysis against a comprehensive prompt template, and classifies findings as SAFE, WARNING, or DANGEROUS with a recommended action. Approved skills are written into the local skills path with preserved structure and appropriate permissions; warnings require explicit user consent before installation.

When to use it

  • You have a GitHub URL that contains a skills folder and want to install one or more skills.
  • You want to browse and select available skills from a remote repository before installing.
  • You need an automated security review of a third-party skill before adding it to Claude.
  • You want to safely add new capabilities to your Claude environment while minimizing risk.

Best practices

  • Always review the scanner's findings before approving installations marked WARNING.
  • Prefer skills that receive a SAFE assessment or have minimal, low-risk warnings.
  • Keep the installed skills directory backed up and restrict file permissions for scripts.
  • Avoid installing skills that access sensitive local paths or external services without clear necessity.
  • When in doubt, reject skills with obfuscated code, credential access, or unexpected network calls.

Example use cases

  • Install a set of task automation skills shared in a team's GitHub project after scanning them for shell or network risks.
  • Browse a public collection of skills and selectively install only those that pass the security scan.
  • Add a community-contributed skill while being alerted to any external dependencies or privilege escalations.
  • Automate deployment of approved skills into ~/.claude/skills/ for a fresh Claude instance setup.

FAQ

You will see detailed warnings and must explicitly confirm whether to proceed; the decision stays with you.

Can I override a DANGEROUS (critical) result?

Critical severity findings block installation and cannot be overridden to protect your environment.

Where are installed skills placed?

Approved skills are installed under ~/.claude/skills/ with directory structure and executable flags preserved.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational