Skills that still need review

This skill provides a design guide for web and mobile applications, including styles, color palettes, font pairings, UX guidelines, and chart types.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Needs Review

Current public label: Needs Review

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low, 1 info

This skill helps you summarize progress, write a daily dev log, and perform a daily review, syncing with Notion and Obsidian.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Needs Review

Current public label: Needs Review

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low, 1 info

This skill scrapes data from websites using various actors.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Needs Review

Current public label: Needs Review

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low, 1 info

This skill provides documentation for using the uv Python package installer and resolver.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: Not recorded yet. Driftloom currently recommends a sandbox runtime check for this version (priority 30).

Automated result: Needs Review

Current public label: Needs Review

The skill's use of a pipe-to-shell pattern and external network reference warrants review.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 high, 2 low

This skill appears to be a documentation-based guide for managing environment variables in Claude Code sessions. It mentions credentials and external endpoints.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No obvious script files found; disconnected runtime evidence may remain shallow.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Needs Review

Current public label: Needs Review

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 3 low, 1 info

This skill provides best practices for React and Next.js applications, as maintained by Vercel.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Needs Review

Current public label: Needs Review

The skill's use of external network resources and HTTP calls warrants review.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 4 medium, 4 low

This skill is a vulnerability scanner. It uses credentials or secrets and includes shell-oriented behavior.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Needs Review

Current public label: Needs Review

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low, 1 info

This skill builds web artifacts by initializing a frontend repo, developing the artifact, and bundling the code into a single HTML file.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Needs Review

Current public label: Needs Review

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low, 1 info

This skill analyzes stock data using public EDGAR and market data sources.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Needs Review

Current public label: Needs Review

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low, 1 info