Skills from GitHub:sickn33/antigravity-awesome-skills

This skill appears to be mostly documentation, with no executable code to analyze. It is designed to manage environment variables securely.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

Because the skill is mostly documentation, there is little to analyze for security risks. Therefore, it is labeled as trusted.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill appears to be a documentation-based guide for managing environment variables in Claude Code sessions. It mentions credentials and external endpoints.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No obvious script files found; disconnected runtime evidence may remain shallow.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Needs Review

Current public label: Needs Review

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 3 low, 1 info

This skill provides documentation about variant analysis, which is the process of finding similar vulnerabilities and bugs in code.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is labeled as trusted because it appears to be primarily documentation, and no security concerns were found.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill provides documentation for using the uv Python package installer and resolver.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No obvious script files found; disconnected runtime evidence may remain shallow.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Needs Review

Current public label: Needs Review

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 3 low, 1 info

This skill provides instructions on how to use other skills, specifically emphasizing the importance of invoking skills when they might be relevant.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is primarily documentation, and no security issues were found.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill provides documentation for using Neon Serverless Postgres, a cloud database service.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is mostly documentation, which limits the ability to verify its behavior. It also references external network endpoints.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low

This skill provides documentation about using Git worktrees, which create isolated workspaces within a Git repository.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

Because the skill is mostly documentation, there are few opportunities for automated analysis to find problems.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill provides documentation for using Upstash QStash, a serverless message queue service.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is mostly documentation, so there is little to analyze for security concerns.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill provides documentation for upgrading Expo SDK versions, including handling breaking changes and updating dependencies.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

Because the skill is mostly documentation, there is little risk of unexpected behavior. The automated label is therefore trusted.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill integrates with Unsplash to provide high-quality photos for your projects. It appears to be mostly documentation.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is labeled as trusted because it is mostly documentation and does not appear to perform any actions.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill provides expert-level guidelines for developing with Unreal Engine 5 using C++. It focuses on writing robust, performant, and standard-compliant code.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

Because the skill is mostly documentation, there is little to verify, and no reason to distrust it.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill provides documentation for Unity's Data-Oriented Technology Stack (DOTS), including the Entity Component System, Job System, and Burst Compiler.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is primarily documentation, which limits the potential for security concerns.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill appears to be mostly documentation. It does not contain any executable code or configuration files.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

Because the skill is mostly documentation, there is little to analyze for security concerns. The automated system trusts it.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill helps generate unit tests. It appears to be mostly documentation.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is labeled as trusted because it is mostly documentation and has no concerning behavior.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill provides access to the UniProt protein database, allowing users to search for proteins and retrieve sequences.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is mostly documentation, and it references external endpoints, but no other security concerns were found.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low

This skill provides guidance on applying Robert C. Martin's (Uncle Bob) principles for code review and production, including Clean Code and Clean Architecture.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

Because the skill is mostly documentation, there are few opportunities for automated analysis to find problems. The skill is therefore labeled as trusted.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill appears to be mostly documentation. It describes how to validate UI elements.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is labeled as trusted because it is mostly documentation, and the only concerns are low-severity documentation-style signals.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low

This skill provides a design guide for web and mobile applications, including styles, color palettes, font pairings, UX guidelines, and chart types.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Needs Review

Current public label: Needs Review

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low, 1 info

This skill appears to be mostly documentation. It may help with UI/UX design tasks.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is labeled as trusted because the analysis found no security risks. However, it references secrets, so use caution.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low

This skill provides documentation and guidance for building user interfaces.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is primarily documentation, which limits the potential for security issues.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill appears to be mostly documentation. It does not contain any executable code or configuration files.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is labeled as trusted because it is mostly documentation and does not perform any actions.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 low

This skill is designed to be an advanced TypeScript expert. Driftloom found that it contains a destructive shell pattern and references an external URL.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Needs Review

Current public label: Needs Review

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low, 1 info

This skill provides documentation and guidance on advanced TypeScript features like generics and conditional types.

Source: Workspace import

Originally ingested from a local workspace copy.

Automated result: Trusted

Current public label: Trusted

The skill is mostly documentation, and it references secrets, so the automated system labeled it as trusted.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low

This skill automates Twitter/X operations using Composio's Twitter toolkit via Rube MCP. The documentation mentions credentials and external endpoints.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No obvious script files found; disconnected runtime evidence may remain shallow.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Use Caution

Current public label: Use Caution

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 3 low, 1 info