Skills

skill-audit

Installation
SKILL.md

Skill Audit — Pre-Install Security Scanner

Overview

7.5% of 14,706 OpenClaw skills are confirmed malicious. This skill provides a structured 6-phase security review you run before installing any third-party skill.

Research findings (2026):

  • RankClaw audited 14,706 skills → 1,103 malicious (brand-jacking, prompt injection, RCE)
  • Vett.sh found 59 critical-risk droppers disguised as legitimate tools
  • Cisco, CrowdStrike, NCC Group all published skill supply chain attack reports

When to Use This Skill

  • Use when you're about to install a third-party skill from GitHub, ClawHub, or any registry
  • Use when you want to verify a skill's security before adding it to your agent
  • Use when the user says "install this skill" or "add this skill"
  • Use when reviewing skills for potential security issues

How It Works

Installs
39
Repository
sickn33/antigra…e-skills
GitHub Stars
41.8K
First Seen
May 4, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykFail
skill-audit — sickn33/antigravity-awesome-skills