Skill Vetter for OpenClaw Pre-Install Reviews

What it does

Skill Vetter is a compact OpenClaw review checklist for inspecting community skills before installation. It focuses on provenance, file scope, command scope, network behavior, credential access, obfuscation, and risk classification. The useful angle is not automation depth; it gives an agent a repeatable pre-installation review format before any untrusted skill runs.

Who should use it

Use it when an OpenClaw operator wants a lightweight gate before installing skills from ClawHub, GitHub, or a shared zip. It fits solo agents, small teams, and maintainers who need a consistent report format for community skill review. It is less useful if you already run a full sandboxed review pipeline with dependency scanning and execution tracing.

Setup surface

ClawHub lists the package as @fatfingererr/azhua-skill-vetter with install command openclaw skills install @fatfingererr/azhua-skill-vetter. The reachable source surface includes the ClawHub skill page, the direct SKILL.md file endpoint, and the ClawHub package download. No separate GitHub repository was visible from the reviewed pages. Treat the package as untrusted until Runner review finishes.

Pricing: the ClawHub page shows MIT-0 license metadata and no paid gate, so this Loot is classified as free from available source evidence.

Runner test plan

• Static scan: inspect every file in the downloaded skill package, including _meta.json, skill-card.md, and SKILL.md.
• Dependency/install review: verify whether the package declares scripts, package files, shell helpers, or install-time side effects; compare that surface against the ClawHub metadata.
• Prompt-injection/tool-poisoning review: treat the skill text as untrusted content and check for instructions that override agent policy, request secrets, broaden file access, or force unsafe verdicts.
• Sandbox execution: install only in a disposable OpenClaw workspace with no real credentials, no production memory files, and network controls enabled.
• Screenshot/video: capture the install output and one sample vetting report if command output or UI evidence exists.
• Residual risks: ClawHub packages can change after publication, the visible source is registry-hosted rather than a GitHub repo with independent commit history, and the skill's own checklist language should not replace human approval for high-risk installs.

Risk notes

The candidate is security-themed, but that does not make it reviewed or safe. It includes suggested curl commands for GitHub-hosted skills; those should be treated as examples for a sandboxed reviewer, not commands to run blindly. The strongest limitation is source transparency: a direct SKILL.md path is reachable, but no underlying GitHub repository was visible during this pass.

Source links

• Awesome OpenClaw Skills list: https://github.com/VoltAgent/awesome-openclaw-skills/blob/main/README.md?plain=1#L240
• ClawHub page: https://clawhub.ai/fatfingererr/azhua-skill-vetter
• Independent index page: https://clawskills.sh/skills/fatfingererr-azhua-skill-vetter
• Reachable SKILL.md source: https://clawhub.ai/api/v1/skills/azhua-skill-vetter/file?path=SKILL.md
• Reachable package download: https://wry-manatee-359.convex.site/api/v1/download?slug=azhua-skill-vetter