From 6cd8697434c30e7b7c0bbf46715a3ffc64760960 Mon Sep 17 00:00:00 2001 From: Necati Ozmen Date: Fri, 20 Feb 2026 15:02:29 +0300 Subject: [PATCH 1/2] update README --- CONTRIBUTING.md | 6 ++++++ README.md | 18 ++++++++++++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 34377e9..67c33fe 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -42,6 +42,12 @@ If an author has multiple skills in the same area, please don't add them one by - Fix broken links, typos, or outdated descriptions via PR - If a skill has been removed or deprecated, open an issue or submit a PR to remove it +## Security Policy + +We only include skills whose security status on [ClawHub](https://www.clawhub.ai/) is **not flagged as suspicious**. Skills that are marked as suspicious on ClawHub will not be accepted into this list. + +If you believe a skill currently in this list has a security concern or should be flagged, please [open an issue](https://github.com/VoltAgent/awesome-clawdbot-skills/issues) so we can review and remove it. + ## Important - This repository curates links only. Each skill lives in the official OpenClaw skills repo. diff --git a/README.md b/README.md index 294b866..7f683ff 100644 --- a/README.md +++ b/README.md @@ -32,9 +32,23 @@ OpenClaw (previously known as Moltbot, originally Clawdbot... identity crisis in Skills in this list are sourced from [ClawHub](https://www.clawhub.ai/) (OpenClaw's public skills registry) and categorized for easier discovery. -These skills follow the Agent Skill convention develop by Anthropic, an open standard for AI coding assistants. +## Security Notice + +Skills in this list are **curated, not audited**. They may be updated, modified, or replaced by their original maintainers at any time after being added here. + +Before installing or using any Agent Skill, review potential security risks and validate the source yourself. + +**Recommended tools:** + +- [Snyk Skill Security Scanner](https://github.com/snyk/agent-scan) +- [Agent Trust Hub](https://ai.gendigital.com/agent-trust-hub) + +> Agent skills can include prompt injections, tool poisoning, hidden malware payloads, or unsafe data handling patterns. Always review the code and use skills at your own discretion. + +**Want to add a skill?** This list only includes skills that are **already published** in the `github.com/openclaw/skills` repository. We do not accept links to personal repos, gists, or any other external source. If your skill isn't in the OpenClaw skills repo yet, publish it there first. See [CONTRIBUTING.md](CONTRIBUTING.md) for details. + +We only include skills whose security status on ClawHub is **not flagged as suspicious**. If you believe a skill in this list should be flagged or has a security concern, please [open an issue](https://github.com/VoltAgent/awesome-clawdbot-skills/issues) so we can review it. -> **Want to add a skill?** This list only includes skills that are **already published** in the "github.com/openclaw/skills". We do not accept links to personal repos, gists, or any other external source. If your skill isn't in the OpenClaw skills repo yet, publish it there first. See [CONTRIBUTING.md](CONTRIBUTING.md) for details. ## Installation From 0a126959188d4dcaee60e32d45855b7e78151443 Mon Sep 17 00:00:00 2001 From: Necati Ozmen Date: Fri, 20 Feb 2026 15:05:55 +0300 Subject: [PATCH 2/2] update README --- README.md | 35 +++++++++++++++++------------------ 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 7f683ff..be3fa78 100644 --- a/README.md +++ b/README.md @@ -32,22 +32,6 @@ OpenClaw (previously known as Moltbot, originally Clawdbot... identity crisis in Skills in this list are sourced from [ClawHub](https://www.clawhub.ai/) (OpenClaw's public skills registry) and categorized for easier discovery. -## Security Notice - -Skills in this list are **curated, not audited**. They may be updated, modified, or replaced by their original maintainers at any time after being added here. - -Before installing or using any Agent Skill, review potential security risks and validate the source yourself. - -**Recommended tools:** - -- [Snyk Skill Security Scanner](https://github.com/snyk/agent-scan) -- [Agent Trust Hub](https://ai.gendigital.com/agent-trust-hub) - -> Agent skills can include prompt injections, tool poisoning, hidden malware payloads, or unsafe data handling patterns. Always review the code and use skills at your own discretion. - -**Want to add a skill?** This list only includes skills that are **already published** in the `github.com/openclaw/skills` repository. We do not accept links to personal repos, gists, or any other external source. If your skill isn't in the OpenClaw skills repo yet, publish it there first. See [CONTRIBUTING.md](CONTRIBUTING.md) for details. - -We only include skills whose security status on ClawHub is **not flagged as suspicious**. If you believe a skill in this list should be flagged or has a security concern, please [open an issue](https://github.com/VoltAgent/awesome-clawdbot-skills/issues) so we can review it. ## Installation @@ -89,9 +73,24 @@ OpenClaw's public registry (ClawHub) hosts **5,705 community-built skills** as o | Non-English — descriptions not in English | 8 | | **Total not taken from OpenClaw's official skill registry** | **2,748** | -> **Disclaimer:** Inclusion in this list does **not** guarantee a skill is safe or trustworthy. OpenClaw now has a VirusTotal partnership that provides security scanning for skills. Before installing a skill, visit its page on ClawHub and check the VirusTotal report to see if it's flagged as risky. We also recommend reviewing a skill's source code before installing and using tools like Claude Code or Codex to inspect it for potentially harmful behavior. -If you think a skill was incorrectly excluded or miscategorized, feel free to open an issue or PR. We may have made mistakes. +## Security Notice + +Skills in this list are **curated, not audited**. They may be updated, modified, or replaced by their original maintainers at any time after being added here. + +Before installing or using any Agent Skill, review potential security risks and validate the source yourself. OpenClaw has a **VirusTotal partnership** that provides security scanning for skills, visit a skill's page on ClawHub and check the VirusTotal report to see if it's flagged as risky. + +**Recommended tools:** + +- [Snyk Skill Security Scanner](https://github.com/snyk/agent-scan) +- [Agent Trust Hub](https://ai.gendigital.com/agent-trust-hub) + +> Agent skills can include prompt injections, tool poisoning, hidden malware payloads, or unsafe data handling patterns. Always review the source code before installing and use skills at your own discretion. + +**Want to add a skill?** This list only includes skills that are **already published** in the `github.com/openclaw/skills` repository. We do not accept links to personal repos, gists, or any other external source. If your skill isn't in the OpenClaw skills repo yet, publish it there first. See [CONTRIBUTING.md](CONTRIBUTING.md) for details. + +If you believe a skill in this list should be flagged or has a security concern, please [open an issue](https://github.com/VoltAgent/awesome-clawdbot-skills/issues) so we can review it. +