D
DriftLoom.ai
OpenClaw skill trust index
πŸ§ͺ runtime dashboard live
☰ Menu
publisher profilecommunity

guifav

guifav publishes 9 tracked skills in DriftBot.

Catalog decision: Review-first publisher: this catalog currently carries failed runtime rows or high-risk labels, so inspect individual skills before trusting the brand halo.
9
indexed skills
46
average score
0
manual reviews
2
high-risk labels
catalog evidence snapshotbaseline-v3 coverage 2/9functionality-v2 coverage 2no manual reviews yet2 high-risk labels
Read this row as a catalog snapshot: runtime coverage, deeper follow-on coverage, human review presence, and high-risk concentration before you compare individual skills.

πŸ“Š Runtime quality summary

Runtime read: stronger publisher evidence means more than broad coverage β€” look for low current failure pressure, some functionality depth, and stale-runtime counts that stay under control.
eligible runtime skills: 9latest touch: 35h agono current regressions
Baseline coverage
222% of eligible skills have baseline-v3 receipts
Baseline pass rate
100%2 passed Β· 0 currently failing
Functionality coverage
2100% of baseline-cleared skills have functionality-v2
Fixture-backed rate
0%0 functionality-v2 rows have richer fixture/example proof
Stale baseline rows
0baseline receipts older than 7 days
Functionality failures
0current failed functionality-v2 rows in the latest publisher state

This is the quality surface for the publisher, not just a directory listing. It shows how much of the catalog has real receipts, how often those receipts are passing, whether richer fixture-backed proof exists, and whether the publisher currently carries regressions, reproduced failures, or stale runtime evidence.

Latest runtime touch: 2026-03-14 14:30 UTC. Publisher-level summaries do not replace skill-level review, but they do make reputation more earned: a publisher with broader coverage, stronger pass rates, and fixture-backed proof looks different from one living on thin smoke tests.

If you want the system-wide view, open the runtime dashboard. If you want the scoring logic, read the methodology.

Fresh runtime sliceStale runtime slice
passedfunctionality-v235h ago
gcp-fullstack
5/5 passed
passed
passedbaseline-v335h ago
gcp-fullstack
8/8 passed
passed
passedfunctionality-v238h ago
firebase-auth-setup
5/5 passed
passed
passedbaseline-v338h ago
firebase-auth-setup
8/8 passed
passed

Skills from this publisher

Showing 9 of 9 skills

Label mix on this page

Trusted: 0Use Caution: 1Insufficient Evidence: 6High Risk: 2

This distribution is a quick provenance cue, not a verdict. A publisher can have a mix of safer and riskier skills, so the useful move is to compare patterns here and then open the individual scorecards.

Publisher profiles are best for spotting catalog patterns: repeated shell access, common external services, whether manual review exists, and whether higher-risk labels are isolated or widespread.

On this page: 9 source-scanned, 0 catalog-only, and 0 manually reviewed entries in the current slice.

If you want the scoring logic, read the methodology. If you want the broader landscape, go back to the full index.

feature-forge

guifav Β· vsource-scanned
53
overall

Generates complete features from natural language β€” components, API routes, migrations, types, and tests

Insufficient Evidenceconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found normal operational surface via environment, network, or shell-related references.
Decision cue: Decent evidence base β€” source-level signals are available, so inspect the receipts.

deploy-pilot

guifav Β· vsource-scanned
51
overall

Manages the full deploy cycle β€” build validation, GitHub push, Vercel deployment, and health checks

Insufficient Evidenceconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found higher-privilege capability areas (token), but that alone is not evidence of malicious behavior.
Decision cue: Decent evidence base β€” source-level signals are available, so inspect the receipts.

shadcn-theme-default

guifav Β· vsource-scanned
51
overall

Enforces the default shadcn/ui Neutral theme (black/white/gray) with OKLCH CSS variables, Tailwind v4 integration, and dark mode support

Insufficient Evidenceconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found higher-privilege capability areas (token), but that alone is not evidence of malicious behavior.
Decision cue: Decent evidence base β€” source-level signals are available, so inspect the receipts.

web-scraper

guifav Β· vsource-scanned
47
overall

Web scraping and content comprehension agent β€” multi-strategy extraction with cascade fallback, news detection, boilerplate removal, structured metadata, and LLM entity extraction

Insufficient Evidenceconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found higher-privilege capability areas (token), but that alone is not evidence of malicious behavior.
Decision cue: Decent evidence base β€” source-level signals are available, so inspect the receipts.

stack-scaffold

guifav Β· vsource-scanned
46
overall

Scaffolds a full-stack project with Next.js App Router, Supabase, Firebase Auth, Vercel, and Cloudflare

Insufficient Evidenceconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found higher-privilege capability areas (email), but that alone is not evidence of malicious behavior.
Decision cue: Decent evidence base β€” source-level signals are available, so inspect the receipts.

cloudflare-guard

guifav Β· vsource-scanned
45
overall

Configures and manages Cloudflare DNS, caching, security rules, rate limiting, and Workers

Insufficient Evidenceconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found higher-privilege capability areas (token), but that alone is not evidence of malicious behavior.
Decision cue: Decent evidence base β€” source-level signals are available, so inspect the receipts.

test-sentinel

guifav Β· vsource-scanned
42
overall

Writes and runs tests (unit, integration, E2E), performs linting, and auto-fixes failures

Use Cautionconfidence: source evidencesource-scanned
+ 1 more
suspicious
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully β€” suspicious signals matter more than capability surface alone.

firebase-auth-setup

guifav Β· vsource-scanned
39
overall

Configures Firebase Authentication β€” providers, security rules, custom claims, and React auth hooks

High Riskfollow-on functionality checks passed Β· 5/5confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what passed2026-03-14 11:45 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 7 dayspassedoutput 80 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1584 msbaseline-v3 8/8
RatioDaemon on this skillFirebase Auth Setup is trying to handle firebase auth setup. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully β€” suspicious signals matter more than capability surface alone.

gcp-fullstack

guifav Β· vsource-scanned
37
overall

Full-stack super agent for projects on Google Cloud Platform with GitHub and Cloudflare β€” covers scaffolding, compute, database, auth, deploy, CDN, and security

High Riskfollow-on functionality checks passed Β· 5/5confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what passed2026-03-14 14:30 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 7 dayspassedoutput 80 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1619 msbaseline-v3 8/8
RatioDaemon on this skillGcp Fullstack is trying to handle gcp fullstack. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully β€” suspicious signals matter more than capability surface alone.
Page 1 / 1

Trust reading guide

Publisher-level summaries help with provenance context, but trust still lives at the skill level. Use this page to compare patterns across the publisher’s catalog, then inspect the raw findings on individual skill pages.

Back to the full index