Compare skills
Pick 2–4 skills and compare what really matters: fit, risk, install effort, and community signal.
Comparison matrix
Highlights show current best; tooltip explains diff/best rules.
SAS-v2.1 diff rules / risk tag notes
Start with the matrix. Open this section when you need to understand audit grades, top threats, control gaps, and best-value highlights.
Suggested baseline
Repository: openclaw/skills
Author: eternal0404 · Source status: Clear source
The all-in-one master skill — unified interface for every capability domain.
Score basis:Clear source · High risk signals · Claude
Search to add skills, or paste 2–4 comma-separated slugs.
How differences are detected
A row is marked different when selected skills have distinct values. Only-differences mode hides rows that are identical.
How best values are highlighted
Audit score, evidence confidence, trust score, and community signal prefer higher values; execution risk and install friction prefer lower values.
How to read risk tags
Risk tags come from SAS-v2.1 public-evidence signals and point to command, network, secret, context, or supply-chain items to review before install.
Selected audit signals
predictive-scaler
Execution risk:High
Threat tags:unexpected code execution, data exfiltration, human approval gap
Control gaps:missing license, shell without guardrails, network without allowlist
OpenPaperGraph
Execution risk:High
Threat tags:unexpected code execution, identity privilege abuse, data exfiltration
Control gaps:missing license, broad permissions, shell without guardrails
security-ownership-map
Execution risk:High
Threat tags:data exfiltration, human approval gap
Control gaps:missing license, broad permissions, network without allowlist
| Dimension | predictive-scaler | OpenPaperGraph | security-ownership-map |
|---|---|---|---|
| SAS-v2.1 pre-install audit | |||
Threat tags | unexpected code execution, data exfiltration, human approval gap | unexpected code execution, identity privilege abuse, data exfiltration | data exfiltration, human approval gap |
Control gaps | missing license, shell without guardrails, network without allowlist | missing license, broad permissions, shell without guardrails | missing license, broad permissions, network without allowlist |
Permission summary | Permission review, Network, Command | Permission review, Network, Secrets, Command | Permission review, Network, Command |
Evidence confidence | 63% | 67% | 67% |
| Source & provenance | |||
Provenance | openclaw/skills | openclaw/skills | openai/skills/tree/main/skills/.curated/security-ownership-map |
Freshness | 2026-03-25 | 2026-03-25 | 2026-02-11 |
| Risk & trust | |||
Trust score | 85 | 84 | 82 |
Audit signals | network access | needs credentials, network access, runs shell, writes files | writes files |
| Install & compatibility | |||
Supported tools | Universal | Claude, Codex, OpenClaw | Claude, Codex, Cursor, Universal |
Install method | script-backed | script-backed | registry-install |
Install friction | |||
| Community | |||
Stars | 0 | 0 | 7.3K |
Repository: openclaw/skills
Author: lbtylb · Source status: Clear source
Advanced suite for creating, editing, and analyzing Microsoft Office documents (Word, Excel, PowerPoint).
Score basis:Clear source · High risk signals · OpenClaw
Repository: openclaw/skills
Author: kongbai233 · Source status: Clear source
This skill should be used when the user needs to analyze Git repositories, compare developer commit patterns, work habits, development efficiency, code style, code quality, and slacking behaviors.
Score basis:Clear source · High risk signals · Universal
Repository: openclaw/skills
Author: cinience · Source status: Clear source
Use when multimodal embeddings are needed from Alibaba Cloud Model Studio models such as `qwen3-vl-embedding` for image, video, and text retrieval, cross-modal search, clustering, or offline vectorization pipelines.
Score basis:Clear source · High risk signals · Universal
Permission hints |
|---|
verify source provenance before install |
verify source provenance before install |
registry access, remote metadata pull, runtime dependencies may be required |
40 |
65 |
50 |
