Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns. The skill is an instruction-only vetti
Security
High Risk
Quality
Watch · 66
Install
manual only
Audit version
audit-standard-v2
Source metrics come from upstream registries/repositories. Platform metrics come from user actions on SkillTrust and are protected by dedupe/rate-limit anti-abuse rules.
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns. The skill is an instruction-only vetting checklist that is internally consistent with its purpose and requests no credentials, installs, or unusual privileges. This is a coherent, low-risk instruction-only vetting skill: it contains a sensible checklist and GitHub query examples and does not ask for secrets or installs. Before using it, remember: (1) vetting requires the agent to read candidate skill files and may perform network calls — confirm you want those permissions; (2) the checklist helps detect obvious red flags but does not guarantee detection of cleverly obfuscated or time-delayed malicious code, so for high-risk skills perform a human code review; (3) run the quick curl commands from a controlled environment (no privileged credentials in the shell) and avoid pasting sensitive tokens into outputs. If you want stronger guarantees, require manual human approval for skills classified as MEDIUM+ or that request any credentials.
• Add explicit When to Use / Guidelines sections.
• Provide at least one concrete input-output example.
• Publish versioned changelog and update cadence.
• Document compatibility and breaking-change policy.
• Expand capability limits and boundary conditions.
Is this a security certification?
No. SkillTrust audit is advisory and should be combined with your own review controls.
Can I install directly from this page?
No one-click install is provided. Use command guidance and run in your controlled environment.
Initial release - Security-first skill vetting for AI agents
Official source did not expose a direct install command.
Open official docsInstall method: instruction-only
Quick install
Quick preflight
Read source docs and verify prerequisites manually.Preflight checks
Post-install signal
Installed successfully? Send an activation signal to improve ranking quality over time.
Audit score 60 / 100. Risk guidance is advisory only; review evidence before install.
• Add troubleshooting and FAQ for common failures.
• Improve discoverability through verified source channels.
• Publish usage examples to increase activation quality.
• Reduce shell/file/network scope and document least privilege.
• Expose explicit provenance, dependency pinning, and security notes.
• Provide structured install + rollback steps for each supported agent.
• Mark official/verified status and keep metadata timestamps fresh.
Moderately fresh; review release notes before install.
Audit guidance: 60 / 100 · high
Scores with similar values can still differ in confidence; use evidence and risk lines below for final install judgment.
Risk 60 · Δ +0 · Findings 5
Apr 2, 2026 · auto
Latest high risk result from audit-standard-v2.