Skill Provenance is an author-side metaskill for Agent Skill bundles. It documents a portable MANIFEST.yaml, CHANGELOG.md, per-file version metadata, and SHA-256 hash checks so a skill's SKILL.md, evals, scripts, references, and packaged copies can be tracked across sessions and platforms. The upstream source describes it as free and open with an MIT license.
The skill is aimed at OpenClaw skill authors, maintainers, and teams who move skills between local folders, GitHub, ClawHub, Claude-style .skill packages, Codex/Gemini-compatible strict copies, or multiple agent sessions. It is most useful when bundle drift, stale evals, renamed files, or unclear handoffs are a recurring problem.
The published surface is a community OpenClaw skill on ClawHub with canonical source at the public GitHub repository. The bundle includes SKILL.md, README.md, MANIFEST.yaml, CHANGELOG.md, eval files, validate.sh, and package.sh according to the fetched manifest. Treat installation commands and scripts in the source as review material only until Runner AI Review finishes. Pricing evidence from the upstream GitHub README states it is free and open; license evidence points to MIT.
Before any operational use, Runner AI Review should perform: static scan of SKILL.md, README.md, manifest, changelog, shell scripts, plugin metadata, and eval files; dependency/install review for external package managers, install paths, release artifacts, and shell entry points; prompt-injection and tool-poisoning review for embedded instructions that could redirect agents, modify safety posture, or over-broaden filesystem access; sandbox execution only in an isolated disposable environment, never on a production Raspberry Pi or live OpenClaw workspace; screenshot/video capture when command output, validation reports, or package generation UI/output exists; and residual-risks documentation covering unsigned manifests, possible simultaneous file-and-hash tampering, script mutation modes, platform-specific frontmatter drift, and registry/source mismatch.
This is not yet claimed as tested, safe, clean, recommended, or production-ready by LinkLoot. The concept relies on local file inventory and hash checks, but the upstream source itself notes that a manifest is not a cryptographic signature or trust anchor. The included shell scripts should be reviewed as code and executed only in a sandbox after static analysis. Because the skill is designed to edit manifests/changelogs and package derived copies, Runner should verify it does not mutate unrelated files, read broad home/config/SSH paths, or follow embedded source instructions beyond the user's explicit task.
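The residual risk named above (file and hash changed together, with an unsigned manifest) can be shown with a small reviewer-side check. This is an added example, not code from the skill or its validate.sh; the manifest shape (relative path mapped to SHA-256 hex), the sample files, and the idea of pinning a manifest digest outside the bundle are assumptions made for illustration.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

def build_manifest(root):
    """Assumed manifest shape (not the skill's schema): {relative path: SHA-256 hex}."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def check_bundle(root, manifest):
    """Compare files on disk with the manifest; report drift by kind."""
    actual = build_manifest(root)
    return {
        "modified": sorted(p for p in manifest
                           if p in actual and not hmac.compare_digest(actual[p], manifest[p])),
        "missing": sorted(p for p in manifest if p not in actual),
        "unlisted": sorted(p for p in actual if p not in manifest),
    }

def manifest_digest(manifest):
    """Digest of a canonical rendering, to be recorded outside the bundle."""
    canonical = "\n".join(f"{digest}  {path}" for path, digest in sorted(manifest.items()))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        # Constructed sample bundle, not the real skill files.
        (root / "SKILL.md").write_text("# constructed skill\n")
        (root / "validate.sh").write_text("#!/bin/sh\necho ok\n")
        manifest = build_manifest(root)
        pinned = manifest_digest(manifest)  # stored out of band at review time

        # Case 1: a file changes but the manifest does not -> the hash check reports it.
        (root / "validate.sh").write_text("#!/bin/sh\necho changed\n")
        drift = check_bundle(root, manifest)

        # Case 2: file and manifest are rewritten together -> the hash check is clean.
        rewritten = build_manifest(root)
        consistent = check_bundle(root, rewritten)

        # Only the externally pinned digest still distinguishes the two states.
        pin_matches = hmac.compare_digest(manifest_digest(rewritten), pinned)
        return drift, consistent, pin_matches

if __name__ == "__main__":
    print(demo())
```

A clean hash check therefore shows only that the bundle is internally consistent; integrity against a reviewed state needs a reference kept outside the bundle.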