skill-shellEvaluate external skills before installation and decide whether to install, reject, or absorb only the useful ideas. Use when a user shares a ClawHub/GitHub...
Install via ClawdBot CLI:
clawdbot install g-hanasq/skill-shellGrade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Potentially destructive shell commands in tool definitions
eval(Audited Apr 16, 2026 · audit v1.0
Generated Mar 20, 2026
A developer finds a GitHub skill promising automation but wants to verify it doesn't introduce security risks or unnecessary dependencies before integrating it into their OpenClaw workflow. This scenario involves static review of code and dynamic testing in a sandboxed environment.
A security analyst needs to assess a new skill for potential data exfiltration or credential theft before allowing its use in a production workflow. They use the skill to inspect package contents and check for red flags like obfuscated code or external network calls.
A workflow engineer evaluates multiple skills to enhance an existing OpenClaw setup, focusing on how well each fits current processes without adding token costs or background behaviors. This involves classifying skill types and checking environment sensitivity levels.
A content creator considers installing a skill for generating marketing copy but first reviews it to ensure it's not just documentation-heavy without actual functionality. They assess if useful ideas can be absorbed into local prompts instead of full installation.
A startup founder evaluates a skill for automating customer support tasks, checking for hidden costs like ongoing token usage or dependencies on external ecosystems. They prioritize skills that add concrete capabilities with minimal complexity.
Offer basic skills for free with premium features like advanced security reviews or integration support for a subscription fee. Revenue comes from monthly plans for enterprises needing reliable, vetted automation tools.
Provide personalized services to help businesses evaluate and integrate external skills into their OpenClaw workflows, focusing on risk assessment and optimization. Revenue is generated through project-based fees or hourly rates.
Charge skill developers for certification badges that indicate safety and compatibility with OpenClaw workflows, building trust among users. Revenue comes from one-time certification fees and ongoing renewal charges.
💬 Integration Tip
Always start with a static review using Codex for code audits before dynamic validation, and classify the skill type to tailor scrutiny based on its primary function.
Scored Apr 19, 2026
Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve. Now with WAL Protocol, Working Buffer, Autonomous Crons, and battle-tested patterns. Part of the Hal Stack 🦞
Clawdbot documentation expert with decision tree navigation, search scripts, doc fetching, version tracking, and config snippets for all Clawdbot features
Use the ClawdHub CLI to search, install, update, and publish agent skills from clawdhub.com. Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, or publish new/updated skill folders with the npm-installed clawdhub CLI.
Backup and restore OpenClaw data. Use when user asks to create backups, set up automatic backup schedules, restore from backup, or manage backup rotation. Handles ~/.openclaw directory archiving with proper exclusions.
Vet ClawHub skills for security and utility before installation. Use when considering installing a ClawHub skill, evaluating third-party code, or assessing w...
Coding workflow with planning, implementation, verification, and testing for clean software development.