skill-safety-verifier_skill

This skill performs security-first vetting of external skills before installation, delivering risk scores, red flags, and practical safety recommendations.
  • Python

2.5k

GitHub Stars

8

Bundled Files

2 months ago

Catalog Refreshed

3 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill openclaw/skills --skill skill-safety-verifier

  • _meta.json295 B
  • analyzer.py11.2 KB
  • README_zh.md4.7 KB
  • README.md4.9 KB
  • requirements.txt32 B
  • risk_radar.py5.0 KB
  • setup.py976 B
  • SKILL.md12.2 KB

Overview

This skill performs security-first vetting for AI skills before installation. It analyzes code, dependencies, and permission requests to surface red flags and produce a clear risk classification. The output includes a risk radar, warnings, and actionable recommendations to guide install decisions.

How this skill works

The verifier clones or extracts the skill and runs parallel scans: network/socket checks, static code pattern detection, and vulnerability lookups (e.g., GitHub Advisory API or local cache). It aggregates socket alerts, vulnerability severity, and permission scope into a numeric risk score and classifies risk level with tailored guidance. Results are presented as a concise report with remediation steps and an install recommendation.

When to use it

  • Before installing any third-party skill from ClawdHub, GitHub, or other repositories
  • When an existing installed skill requests expanded permissions or network access
  • During CI/CD pipelines to block high-risk skill changes before deployment
  • When auditing archived skill versions or restoring backups
  • Prior to granting skills persistent or system-level privileges

Best practices

  • Always run the verifier before installation — automated checks catch common issues quickly
  • Treat the report as guidance: review flagged code manually, especially for command execution or eval usage
  • Enforce least privilege: only grant the minimal scopes required for functionality
  • Run high-risk skills inside isolated sandboxes or containers if you must proceed
  • Use caching and non-blocking advisory lookups to keep install workflows responsive

Example use cases

  • Auto-scan a new skill fork during a CI job and fail the build on high-risk findings
  • Pre-install check integrated into an agent marketplace to present safety ratings to users
  • Audit archived SkillHub repositories to identify legacy vulnerabilities before reactivation
  • Verify updates to a skill that introduces network calls or command execution
  • Run targeted scans on installed skills after detecting suspicious outbound traffic

FAQ

It uses a local cache with TTL and runs advisory lookups asynchronously with a short timeout; cached results return immediately and live queries are optional to avoid blocking.

What are the highest-risk findings to act on immediately?

Hardcoded IPs or suspicious domains, unsanitized os.system/subprocess calls, eval/exec usage, credential harvesting, and requests for full system or root access.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational