explainx.ainewsletter3.02k
Productivity

clawhub-skill-vetting

hugomrtz/skill-vetting-clawhub · updated Apr 8, 2026

$npx skills add https://github.com/hugomrtz/skill-vetting-clawhub --skill clawhub-skill-vetting
0 commentsdiscussion
summary

Security-first vetting workflow for evaluating ClawHub skills before installation.

  • Mandatory code review scanning for exfiltration, secrets access, eval/exec, and obfuscation across all files
  • Six-step vetting process covering source reputation, permission scope, recent activity, community feedback, and safe installation practices
  • Produces structured SKILL VETTING REPORT with go/no-go recommendation, confidence scoring, and explicit red flag callouts
  • Includes reference checklist wi
skill.md

ClawHub Skill Vetting

Overview

Apply a strict, security‑first vetting workflow before installing any ClawHub skill. Prioritize code review, permission scope, domain listing, and risk scoring.

Workflow

  1. Source check — author reputation, stars/downloads, last update, reviews.
  2. Code review (MANDATORY) — scan all files for exfiltration, secrets access, eval/exec, obfuscation.
  3. Permission scope — files, commands, network; confirm minimal scope.
  4. Recent activity — detect suspicious bursts.
  5. Community check — Discord/GitHub Discussions.
  6. Install safely — sandbox + inspect permissions.

Reference

Use references/vetting-guide.md for the full checklist, commands, red flags, confidence scoring, and report template.

Output expectations

  • Produce the SKILL VETTING REPORT format.
  • Provide a go/no‑go recommendation with reasons.
  • If unclear, recommend sandbox install only or reject.
  • Call out any red flags explicitly.
  • Include a confidence score and threshold.

Discussion

Product Hunt–style comments (not star reviews)
  • No comments yet — start the thread.
general reviews

Ratings

4.658 reviews
  • Hana Chen· Dec 24, 2024

    I recommend clawhub-skill-vetting for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.

  • Hana Johnson· Dec 16, 2024

    Registry listing for clawhub-skill-vetting matched our evaluation — installs cleanly and behaves as described in the markdown.

  • Meera Johnson· Dec 16, 2024

    clawhub-skill-vetting fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.

  • Sakura Shah· Dec 8, 2024

    Solid pick for teams standardizing on skills: clawhub-skill-vetting is focused, and the summary matches what you get after install.

  • Hana Thompson· Nov 15, 2024

    clawhub-skill-vetting has been reliable in day-to-day use. Documentation quality is above average for community skills.

  • Hana Okafor· Nov 15, 2024

    clawhub-skill-vetting reduced setup friction for our internal harness; good balance of opinion and flexibility.

  • Meera Smith· Nov 7, 2024

    Useful defaults in clawhub-skill-vetting — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.

  • Michael Farah· Nov 7, 2024

    clawhub-skill-vetting is among the better-maintained entries we tried; worth keeping pinned for repeat workflows.

  • Soo Taylor· Oct 26, 2024

    I recommend clawhub-skill-vetting for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.

  • Chinedu Chen· Oct 26, 2024

    Keeps context tight: clawhub-skill-vetting is the kind of skill you can hand to a new teammate without a long onboarding doc.

showing 1-10 of 58

1 / 6