publisher profilefirst-party

OpenClaw

OpenClaw publishes 52 tracked skills in DriftBot.

Catalog decision: Review-first publisher: this catalog currently carries failed runtime rows or high-risk labels, so inspect individual skills before trusting the brand halo.

52

indexed skills

60

average score

1

manual reviews

2

high-risk labels

catalog evidence snapshotno baseline-v3 receipts yetno functionality-v2 receipts yet1 manual review2 high-risk labels

Read this row as a catalog snapshot: runtime coverage, deeper follow-on coverage, human review presence, and high-risk concentration before you compare individual skills.

📊 Runtime quality summary

Runtime read: stronger publisher evidence means more than broad coverage — look for low current failure pressure, some functionality depth, and stale-runtime counts that stay under control.

eligible runtime skills: 0latest touch: n/ano current regressions

Baseline coverage

00% of eligible skills have baseline-v3 receipts

Baseline pass rate

0%0 passed · 0 currently failing

Functionality coverage

00% of baseline-cleared skills have functionality-v2

Fixture-backed rate

0%0 functionality-v2 rows have richer fixture/example proof

Stale baseline rows

0baseline receipts older than 7 days

Functionality failures

0current failed functionality-v2 rows in the latest publisher state

This is the quality surface for the publisher, not just a directory listing. It shows how much of the catalog has real receipts, how often those receipts are passing, whether richer fixture-backed proof exists, and whether the publisher currently carries regressions, reproduced failures, or stale runtime evidence.

Latest runtime touch: n/a. Publisher-level summaries do not replace skill-level review, but they do make reputation more earned: a publisher with broader coverage, stronger pass rates, and fixture-backed proof looks different from one living on thin smoke tests.

If you want the system-wide view, open the runtime dashboard. If you want the scoring logic, read the methodology.

Fresh runtime slice Stale runtime slice

No runtime receipts for this publisher yet.

Skills from this publisher

Showing 4 of 52 skills

Label mix on this page

Trusted: 0Use Caution: 3Insufficient Evidence: 0High Risk: 1

This distribution is a quick provenance cue, not a verdict. A publisher can have a mix of safer and riskier skills, so the useful move is to compare patterns here and then open the individual scorecards.

Publisher profiles are best for spotting catalog patterns: repeated shell access, common external services, whether manual review exists, and whether higher-risk labels are isolated or widespread.

On this page: 4 source-scanned, 0 catalog-only, and 0 manually reviewed entries in the current slice.

If you want the scoring logic, read the methodology. If you want the broader landscape, go back to the full index.

1password

OpenClaw · vbundled

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.

Use Cautionconfidence: source evidencesource-scanned

Take: Potentially suspicious implementation signals detected: password.

Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

xurl

OpenClaw · vbundled

A CLI tool for making authenticated requests to the X (Twitter) API. Use this skill when you need to post tweets, reply, quote, search, read posts, manage followers, send DMs, upload media, or interact with any X API v2 endpoint.

Use Cautionconfidence: source evidencesource-scanned

Take: Higher-privilege capability areas are present (token, oauth), but that alone is not evidence of malicious behavior.

Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

gh-issues

OpenClaw · vbundled

Fetch GitHub issues, spawn sub-agents to implement fixes and open PRs, then monitor and address PR review comments. Usage: /gh-issues [owner/repo] [--label bug] [--limit 5] [--milestone v1.0] [--assignee @me] [--fork user/repo] [--watch] [--interval 5] [--reviews-only] [--cron] [--dry-run] [--model glm-5] [--notify-channel -1002381931352]

Use Cautionconfidence: source evidencesource-scanned

Take: Higher-privilege capability areas are present (token, telegram), but that alone is not evidence of malicious behavior.

Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

himalaya

OpenClaw · vbundled

CLI to manage emails via IMAP/SMTP. Use `himalaya` to list, read, write, reply, forward, search, and organize emails from the terminal. Supports multiple accounts and message composition with MML (MIME Meta Language).

High Riskconfidence: source evidencesource-scanned

Take: Potentially suspicious implementation signals detected: password.

Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

← PrevPage 3 / 3

Trust reading guide

Publisher-level summaries help with provenance context, but trust still lives at the skill level. Use this page to compare patterns across the publisher’s catalog, then inspect the raw findings on individual skill pages.

Back to the full index