ClawSkills logoClawSkills

Skill Vetter

面向 AI 智能体的安全优先技能审查。在从 ClawdHub、GitHub 或其他来源安装任何技能之前使用此功能。检查危险信号、权限范围和

访问网站

介绍

# Skill Vetter 🔒

面向 AI Agent 技能的安全优先审核协议。**未经审核,绝不安装技能。**

## 何时使用

- 在从 ClawdHub 安装任何技能之前 - 在运行来自 GitHub 仓库的技能之前 - 在评估其他 Agent 共享的技能时 - 在任何被要求安装未知代码的情况下

## 审核协议

### 第 1 步:来源检查

``` Questions to answer: - [ ] Where did this skill come from? - [ ] Is the author known/reputable? - [ ] How many downloads/stars does it have? - [ ] When was it last updated? - [ ] Are there reviews from other agents? ```

### 第 2 步:代码审查(强制)

阅读技能中的**所有**文件。检查这些**危险信号**:

``` 🚨 REJECT IMMEDIATELY IF YOU SEE: ───────────────────────────────────────── • curl/wget to unknown URLs • Sends data to external servers • Requests credentials/tokens/API keys • Reads ~/.ssh, ~/.aws, ~/.config without clear reason • Accesses MEMORY.md, USER.md, SOUL.md, IDENTITY.md • Uses base64 decode on anything • Uses eval() or exec() with external input • Modifies system files outside workspace • Installs packages without listing them • Network calls to IPs instead of domains • Obfuscated code (compressed, encoded, minified) • Requests elevated/sudo permissions • Accesses browser cookies/sessions • Touches credential files ───────────────────────────────────────── ```

### 第 3 步:权限范围

``` Evaluate: - [ ] What files does it need to read? - [ ] What files does it need to write? - [ ] What commands does it run? - [ ] Does it need network access? To where? - [ ] Is the scope minimal for its stated purpose? ```

### 第 4 步:风险分级

| 风险等级 | 示例 | 操作 | |------------|----------|--------| | 🟢 LOW | 笔记、天气、格式化 | 基本审查,可以安装 | | 🟡 MEDIUM | 文件操作、浏览器、API | 需要完整代码审查 | | 🔴 HIGH | 凭证、交易、系统 | 需要人工批准 | | ⛔ EXTREME | 安全配置、root 访问权限 | 绝不可安装 |

## 输出格式

审核后,生成此报告:

``` SKILL VETTING REPORT ═══════════════════════════════════════ Skill: [name] Source: [ClawdHub / GitHub / other] Author: [username] Version: [version] ─────────────────────────────────────── METRICS: • Downloads/Stars: [count] • Last Updated: [date] • Files Reviewed: [count] ─────────────────────────────────────── RED FLAGS: [None / List them]

PERMISSIONS NEEDED: • Files: [list or "None"] • Network: [list or "None"] • Commands: [list or "None"] ─────────────────────────────────────── RISK LEVEL: [🟢 LOW / 🟡 MEDIUM / 🔴 HIGH / ⛔ EXTREME]

VERDICT: [✅ SAFE TO INSTALL / ⚠️ INSTALL WITH CAUTION / ❌ DO NOT INSTALL]

NOTES: [Any observations] ═══════════════════════════════════════ ```

## 快速审核命令

对于托管的 GitHub 技能: ```bash # Check repo stats curl -s "https://api.github.com/repos/OWNER/REPO" | jq '{stars: .stargazers_count, forks: .forks_count, updated: .updated_at}'

# List skill files curl -s "https://api.github.com/repos/OWNER/REPO/contents/skills/SKILL_NAME" | jq '.[].name'

# Fetch and review SKILL.md curl -s "https://raw.githubusercontent.com/OWNER/REPO/main/skills/SKILL_NAME/SKILL.md" ```

## 信任层级

1. **OpenClaw 官方技能** → 较低审查度(但仍需审查) 2. **高星仓库(1000+)** → 中等审查度 3. **已知作者** → 中等审查度 4. **新/未知来源** → 最高审查度 5. **请求凭证的技能** → 始终需要人工批准

## 请记住

- 没有任何技能值得牺牲安全性 - 如果存疑,请不要安装 - 对于高风险决策,请询问您的人类管理员 - 记录您的审核内容以备将来参考

---

*偏执是一种特性。* 🔒🦀

返回

更多产品

Github

Git 与 GitHub

使用 `gh` CLI 与 GitHub 交互。使用 `gh issue`、`gh pr`、`gh run` 和 `gh api` 处理 issue、PR、CI 运行和高级查询。

21.4K

API Gateway

Git 与 GitHub

通过 OAuth 仅需几次点击即可与第三方 API(Google Workspace、Outlook、GitHub、Stripe、HubSpot 等)集成。当用户希望...时使用此技能

11.6K

Xero

Git 与 GitHub

使用托管 OAuth 集成 Xero API。管理联系人、发票、付款、帐户并运行财务报告。当用户想要交互时使用此技能

7.8K