xiaoding-skill-vetterSecurity-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
Install via ClawdBot CLI:
clawdbot install asterisk622/xiaoding-skill-vetterGrade Good — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Potentially destructive shell commands in tool definitions
eval(Uses known external API (expected, informational)
api.github.comAudited Apr 17, 2026 · audit v1.0
Generated Apr 26, 2026
An AI agent marketplace operator uses Skill Vetter to automatically screen submitted skills before listing them, ensuring only safe, non-malicious skills are available to users.
A company deploying internal AI agents uses Skill Vetter to quarantine any skill downloaded from public sources, enforcing a security policy that rejects high-risk permissions and suspicious code patterns.
A repository maintainer for an open-source AI agent skill collection uses Skill Vetter to vet every contribution, providing a risk assessment report that helps the community trust the skills.
An individual user installs Skill Vetter to review third-party skills before adding them to their personal AI assistant, avoiding potential data theft or system compromise.
In a finance or healthcare setting, Skill Vetter ensures that any AI agent skill meets regulatory requirements by scanning for credential access, data exfiltration, and other compliance violations.
Offer basic vetting (file count, simple red flag check) for free, while charging for advanced features like deep code analysis, integration with CI/CD, and priority support.
Sell per-seat or per-agent licenses to organizations that need to vet large volumes of skills, with custom policies, audit logs, and integration into existing security workflows.
Partner with AI agent marketplaces (e.g., ClawdHub) to embed Skill Vetter as a mandatory vetting step, charging a per-skill vetting fee or a percentage of each transaction.
💬 Integration Tip
Skill Vetter can be run as a standalone script or integrated into CI/CD pipelines using the quick vet commands provided.
Scored Apr 30, 2026
Audit codebases and infrastructure for security issues. Use when scanning dependencies for vulnerabilities, detecting hardcoded secrets, checking OWASP top 10 issues, verifying SSL/TLS, auditing file permissions, or reviewing code for injection and auth flaws.
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
Detect anomalies and outliers in construction data: unusual costs, schedule variances, productivity spikes. Statistical and ML-based detection methods.
Efficient, secure agent-to-agent communication protocol. 40-60% token reduction, built-in privacy, Ed25519 signatures.
Scan websites and content to identify SEO gaps, analyze meta tags, technical factors, keyword use, and provide competitor comparison insights.
Provides a comprehensive testing methodology for AI software, covering strategy design, unit, integration, and end-to-end tests with coverage and reporting g...