Skill Vetter v2
Analyze any skill for safety before use. Preserve local judgment, classify risk clearly, and optionally verify the final report with SettlementWitness.
Analyze skills before installation or use. Classify capabilities, risks, and trust dependencies with structured local review. Optionally verify the completed report with SettlementWitness.
This is a packaged vetting skill, not a thin wrapper. It preserves local inspection as the primary decision path and adds an optional verification layer for auditability.
This skill defines a local review workflow with an optional verification step for the final report.
Never outsource the safety decision.
External systems may help verify that a report was produced correctly, but the actual judgment about whether a skill should be trusted remains local and reviewable.
| Situation | Action |
|---|---|
| New skill from unknown source | Run full local vetting workflow |
| Skill asks for secrets or credentials | Escalate risk immediately |
| Skill writes outside workspace | Mark as high risk unless clearly justified |
| Skill calls external services | Classify trust dependency and data exposure |
| Skill contains obfuscation or hidden execution | Mark unsafe |
| Final report is complete | Optionally verify the report structure and verdict consistency |
| Verification returns PASS | Attach receipt metadata to the report |
| Verification returns FAIL | Re-check findings and correct the report |
| Verification returns INDETERMINATE | Hold for manual review; do not treat as verified |
Skill Vetter v2 evaluates a target skill across four dimensions:
- Purpose and scope: what the skill claims to do, and whether its requested capabilities match that purpose.
- Install-time behavior: file writes, package installs, hooks, system changes, or bootstrap modifications.
- Runtime behavior: commands, file access, network access, external APIs, tool usage, and data handling.
- Trust dependency: whether the skill depends on transparent and reviewable systems, or on opaque and unverifiable services.
1. Inspect the skill package locally: SKILL.md, then README.md and references.
2. Identify declared and implied capabilities.
3. Evaluate risk.
4. Generate a structured report.
5. Optional: verify the completed report.
Review for:
Review for:
Classify the skill's external dependencies:
Reject or escalate immediately if you find:
Report schema:

```json
{
  "skill_name": "...",
  "purpose": "...",
  "source": "clawhub | github | local | other",
  "capabilities": ["..."],
  "install_risk": "low | medium | high | extreme",
  "runtime_risk": "low | medium | high | extreme",
  "trust_dependency": "none | transparent | opaque",
  "warnings": ["..."],
  "recommendations": ["..."],
  "verdict": "safe | caution | unsafe",
  "verified": false,
  "verification": {
    "status": "not_run | pass | fail | indeterminate",
    "receipt_id": null,
    "notes": ""
  }
}
```

Example input:

```json
{
  "skill_name": "example-email-sender",
  "source": "github",
  "description": "Sends automated emails using an external API",
  "files": ["SKILL.md", "scripts/send-email.sh"]
}
```

Example output:

```json
{
  "skill_name": "example-email-sender",
  "purpose": "Send automated emails via external API",
  "source": "github",
  "capabilities": ["network access", "external API calls", "file read/write"],
  "install_risk": "low",
  "runtime_risk": "medium",
  "trust_dependency": "opaque",
  "warnings": [
    "Uses external API with unclear data handling",
    "No transparency on where email content is sent"
  ],
  "recommendations": [
    "Verify API endpoint and data handling policy",
    "Limit data exposure before use"
  ],
  "verdict": "caution",
  "verified": false,
  "verification": {
    "status": "not_run",
    "receipt_id": null,
    "notes": ""
  }
}
```
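As an added example (not the project's scan-skill.sh and not code from this page), the following Python script implements the local half of the workflow: it inventories a skill folder, flags the red-pattern categories from the situation table with constructed regex signatures, attributes each finding to install time or runtime by file role, and emits a report in the schema above with verification left at not_run. The signatures, the file-role rule, the risk-to-verdict mapping and the sample package it writes to a temporary directory are all assumptions chosen for illustration.

```python
"""Local static pre-check for a skill folder (added example, not the project's scan-skill.sh).
Signatures, file-role rule, risk mapping and the sample package are assumptions."""
import json
import os
import re
import tempfile

LEVELS = ["low", "medium", "high", "extreme"]  # severity scale from the report schema

# Constructed signatures for the red-pattern categories in the situation table:
# (regex, capability label, severity, warning text).
RED_PATTERNS = [
    (r"\b(curl|wget)\b[^|\n]*\|\s*(ba|z)?sh\b", "hidden execution", "extreme",
     "Pipes downloaded content straight into a shell"),
    (r"base64\s+(-d|--decode)|b64decode\(", "obfuscation", "extreme",
     "Decodes base64 payloads at runtime"),
    (r"\.ssh/|\.aws/credentials|\.env\b|API_KEY|SECRET_KEY|PASSWORD|_TOKEN",
     "credential access", "high", "References secrets or credential stores"),
    (r"(>>?|\b(cp|mv|tee)\b)\s*(/etc/|/usr/|~/\.|\$HOME/\.)", "writes outside workspace",
     "high", "Writes to system or dotfile locations outside the workspace"),
    (r"https?://|\bcurl\b|\bwget\b|requests\.(get|post)\(", "network access", "medium",
     "Contacts external services"),
]
# Files that run at install time (hooks, setup scripts) feed install_risk; the rest feed runtime_risk.
INSTALL_FILE = re.compile(r"(^|/)(install|setup|bootstrap|postinstall)[^/]*$|(^|/)hooks?/", re.I)
RECOMMENDATIONS = {
    "network access": "Verify API endpoint and data handling policy",
    "credential access": "Confirm which secrets are needed and scope them minimally",
    "writes outside workspace": "Require a justification for every write outside the workspace",
    "hidden execution": "Reject until the fetched script is pinned and reviewable",
    "obfuscation": "Reject until every payload is readable as plain text",
}

def file_role(rel_path):
    return "install" if INSTALL_FILE.search(rel_path) else "runtime"

def inventory(skill_dir):
    """Sorted relative paths of every regular file in the package."""
    return sorted(os.path.relpath(os.path.join(r, n), skill_dir).replace(os.sep, "/")
                  for r, _d, files in os.walk(skill_dir) for n in files)

def scan_text(rel_path, text):
    """One finding per signature that hits in a file, with the first matching line number."""
    findings = []
    for pattern, capability, severity, warning in RED_PATTERNS:
        match = re.search(pattern, text)
        if match:
            findings.append({"file": rel_path, "line": text.count("\n", 0, match.start()) + 1,
                             "phase": file_role(rel_path), "capability": capability,
                             "severity": severity, "warning": warning})
    return findings

def max_level(findings):
    return max((f["severity"] for f in findings), key=LEVELS.index, default="low")

def build_report(skill_dir, skill_name, purpose, source):
    """Assemble a report in the page's schema; verification is a later, separate step."""
    findings = []
    for rel in inventory(skill_dir):
        with open(os.path.join(skill_dir, rel), encoding="utf-8", errors="ignore") as fh:
            findings.extend(scan_text(rel, fh.read()))
    worst = max_level(findings)
    verdict = "unsafe" if worst == "extreme" else "safe" if worst == "low" else "caution"
    capabilities = sorted({f["capability"] for f in findings})
    return {
        "skill_name": skill_name, "purpose": purpose, "source": source,
        "capabilities": capabilities,
        "install_risk": max_level([f for f in findings if f["phase"] == "install"]),
        "runtime_risk": max_level([f for f in findings if f["phase"] == "runtime"]),
        # "transparent" needs a human to confirm the endpoint is reviewable,
        # so the scanner only ever reports none or opaque.
        "trust_dependency": "opaque" if "network access" in capabilities else "none",
        "warnings": [f"{f['file']}:{f['line']}: {f['warning']}" for f in findings],
        "recommendations": [RECOMMENDATIONS[c] for c in capabilities],
        "verdict": verdict, "verified": False,
        "verification": {"status": "not_run", "receipt_id": None, "notes": ""},
    }

def build_sample_skill():
    """Constructed package in a temp dir, mirroring the example-email-sender input above."""
    d = tempfile.mkdtemp(prefix="skill-vet-")
    os.makedirs(os.path.join(d, "scripts"))
    files = {
        "SKILL.md": "# example-email-sender\nSends automated emails using an external API.\n",
        "scripts/send-email.sh": '#!/usr/bin/env bash\n# constructed sample script\n'
                                 'curl -s -X POST "https://mail.example.invalid/send" -d @"$1"\n',
    }
    for rel, body in files.items():
        with open(os.path.join(d, rel), "w") as fh:
            fh.write(body)
    return d

if __name__ == "__main__":
    report = build_report(build_sample_skill(), "example-email-sender",
                          "Send automated emails via external API", "github")
    print(json.dumps(report, indent=2))
```

The scanner deliberately never sets trust_dependency to transparent and never sets verified to anything but false: both are judgments a reviewer makes after reading the findings, not something a signature match can establish.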
Use verification only after the local review is complete.
Recommended pattern:

1. Define a deterministic verification spec for the report.
2. Submit only the structured report and spec.
3. Interpret results conservatively:
   - PASS: set verified: true
   - FAIL: keep verified: false
   - INDETERMINATE: keep verified: false and escalate for manual review

Verification is optional and must never override local safety concerns.
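As an added example that is not part of the page and does not use SettlementWitness's API, this Python module shows what a deterministic verification spec for the report can look like: allowed enum values plus verdict-consistency rules. It evaluates a finished report against that spec and records a PASS, FAIL or INDETERMINATE outcome with the conservative mapping described above, without ever altering the local verdict. The spec, the consistency rules, the receipt value and the sample report are assumptions constructed for illustration.

```python
"""Deterministic report check plus conservative handling of a verifier result.
Added example; the spec format and outcome mapping are assumptions, not SettlementWitness's API."""
import copy

# Verification spec: fields every report must carry and the values each enum may take.
SPEC = {
    "required": ["skill_name", "purpose", "source", "capabilities", "install_risk",
                 "runtime_risk", "trust_dependency", "warnings", "recommendations", "verdict"],
    "enums": {
        "source": {"clawhub", "github", "local", "other"},
        "install_risk": {"low", "medium", "high", "extreme"},
        "runtime_risk": {"low", "medium", "high", "extreme"},
        "trust_dependency": {"none", "transparent", "opaque"},
        "verdict": {"safe", "caution", "unsafe"},
    },
}

def consistency_problems(report):
    """Rules (assumed here) that a verdict must satisfy given the report's own findings."""
    problems = []
    risks = {report["install_risk"], report["runtime_risk"]}
    if "extreme" in risks and report["verdict"] != "unsafe":
        problems.append("extreme risk requires verdict unsafe")
    if "high" in risks and report["verdict"] == "safe":
        problems.append("high risk is incompatible with verdict safe")
    if report["trust_dependency"] == "opaque" and report["verdict"] == "safe":
        problems.append("opaque trust dependency is incompatible with verdict safe")
    if report["verdict"] != "safe" and not report["warnings"]:
        problems.append("non-safe verdict must list at least one warning")
    return problems

def verify_report(report, spec=SPEC):
    """Return (status, notes): INDETERMINATE when the report cannot be evaluated,
    FAIL when a value or rule is violated, PASS otherwise."""
    missing = [k for k in spec["required"] if k not in report]
    if missing:
        return "INDETERMINATE", "missing fields: " + ", ".join(missing)
    bad = [f"{k}={report[k]!r}" for k, allowed in spec["enums"].items() if report[k] not in allowed]
    if bad:
        return "FAIL", "invalid values: " + ", ".join(bad)
    problems = consistency_problems(report)
    if problems:
        return "FAIL", "; ".join(problems)
    return "PASS", ""

def apply_verification(report, status, notes="", receipt_id=None):
    """Record the verifier outcome in a copy of the report; the local verdict is never touched."""
    out = copy.deepcopy(report)
    out["verified"] = status == "PASS"
    if status == "INDETERMINATE":
        notes = (notes + "; hold for manual review").strip("; ")
    out["verification"] = {
        "status": status.lower(),  # pass | fail | indeterminate
        "receipt_id": receipt_id if status == "PASS" else None,
        "notes": notes,
    }
    return out

# Constructed sample mirroring the example output above.
SAMPLE_REPORT = {
    "skill_name": "example-email-sender", "purpose": "Send automated emails via external API",
    "source": "github", "capabilities": ["network access", "external API calls", "file read/write"],
    "install_risk": "low", "runtime_risk": "medium", "trust_dependency": "opaque",
    "warnings": ["Uses external API with unclear data handling"],
    "recommendations": ["Verify API endpoint and data handling policy"],
    "verdict": "caution", "verified": False,
    "verification": {"status": "not_run", "receipt_id": None, "notes": ""},
}

if __name__ == "__main__":
    status, notes = verify_report(SAMPLE_REPORT)
    # "rcpt-constructed-001" is a placeholder receipt id, not a real receipt.
    final = apply_verification(SAMPLE_REPORT, status, notes, receipt_id="rcpt-constructed-001")
    print(status, final["verified"], final["verification"])
```

Because the rules are pure functions of the report, two reviewers running the same spec on the same report get the same status, which is what makes the result auditable; and because apply_verification only writes the verified and verification fields, a PASS can never turn a caution or unsafe verdict into a safe one.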
OpenClaw is the best fit for this skill because it supports packaged skills, hooks, and workspace context.
Via ClawHub:
```shell
clawdhub install skill-vetter-v2
```
Manual:
```shell
git clone https://github.com/your-org/skill-vetter-v2.git ~/.openclaw/skills/skill-vetter-v2
```
Install the reminder hook if you want a prompt to vet skills before trusting them:
```shell
cp -r hooks/openclaw ~/.openclaw/hooks/skill-vetter-v2
openclaw hooks enable skill-vetter-v2
```
Run the local helper against a skill folder:
```shell
bash scripts/scan-skill.sh /path/to/skill
```

This helper inventories files and flags common red patterns locally. It does not make network calls.
Use this skill with Claude Code, Codex, Copilot, or other agents by copying the package into your skills directory and reviewing target skills locally.
Suggested workflow:
SKILL.md

Agents can:
ai-agents, skill-safety, risk-analysis, verification, trust, security
© 2026 Torly.ai. All rights reserved.