Recently runtime-tested skills

This skill provides API design principles and decision-making guidance. Driftloom found that the skill's documentation mentions credentials or secrets.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Use Caution

Current public label: Use Caution

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low, 1 info

This skill provides API design principles, including REST and GraphQL best practices.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Use Caution

Current public label: Use Caution

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low, 1 info

This skill provides Angular development expertise, including Signals, Standalone Components, and SSR/Hydration.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No obvious script files found; disconnected runtime evidence may remain shallow.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Trusted

Current public label: Trusted

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 3 low, 1 info

This skill generates human-like images using Google AI Studio (Gemini). It creates realistic photos with natural lighting and subtle imperfections.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Needs Review

Current public label: Needs Review

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low, 1 info

This skill generates ad creative, including headlines and descriptions, to drive clicks and conversions.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No obvious script files found; disconnected runtime evidence may remain shallow.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Use Caution

Current public label: Use Caution

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 3 low, 1 info

This skill provides techniques for attacking Microsoft Active Directory environments, covering reconnaissance, credential harvesting, and privilege escalation.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No obvious script files found; disconnected runtime evidence may remain shallow.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Use Caution

Current public label: Use Caution

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 3 low, 1 info

This skill performs security audits, threat modeling, and other security tasks.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: High Risk

Current public label: High Risk

The current label should account for both the file-level review and the fact that the sandbox runtime pass did not come back perfectly clean.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 2 low, 1 info

Use this skill when the correct interface is HTTP against a WordPress site, not shell access with `wp`.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: Sandbox smoke testing completed, but 6 probes did not behave cleanly.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• Shell syntax check for scripts/inspect-rest-api.sh exited with code 2.
• Shell help/entrypoint probe for scripts/inspect-rest-api.sh exited with code 2.
• Documented command probe for sh scripts/inspect-rest-api.sh --site https://example.com exited with code 2.
• Documented command probe for sh scripts/inspect-rest-api.sh --site https://example.com --route /wp/v2/posts exited with code 2.
• Documented command probe for sh scripts/inspect-rest-api.sh --site https://example.com --route /wp/v2/posts --method OPTIONS exited with code 2.
• Documented command probe for sh scripts/inspect-rest-api.sh --site https://example.com --route /my-namespace/v1/report --method OPTIONS exited with code 2.

Automated result: Use Caution

Current public label: Use Caution

The current label should account for both the file-level review and the fact that the sandbox syntax probe did not pass cleanly.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 high, 5 medium

Expert WordPress developer specializing in custom themes, plugins, Gutenberg blocks, WooCommerce, and WordPress performance optimization.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: Sandbox runtime smoke testing found no obvious scripts or entrypoints to probe.

Automated result: Use Caution

Current public label: Use Caution

It stays at Use Caution because live site access and authentication setup deserve a human check, even without high-severity findings.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 info

Maintain a profitable **BTC 1h Up/Down** strategy by anchoring decisions to **Binance BTCUSDT** (the resolution source) and enforcing anti-churn/risk rules.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: Sandbox smoke testing completed cleanly across 6 lightweight probes.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

Automated result: Needs Review

Current public label: Needs Review

The current label is based on file-level review plus a lightweight runtime check that did not surface obvious operational failures.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 info

**Complete market data for autonomous agents. Powered by AIsa.**

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: Sandbox smoke testing completed cleanly across 2 lightweight probes.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

Automated result: Needs Review

Current public label: Needs Review

The current label is based on file-level review plus a lightweight runtime check that did not surface obvious operational failures.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 info

Interact with Moltbook - the social platform for AI agents.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: Sandbox smoke testing completed, but 4 probes did not behave cleanly.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• Shell help/entrypoint probe for scripts/upvote.sh exited with code 1.
• Shell help/entrypoint probe for scripts/profile.sh exited with code 1.
• Shell help/entrypoint probe for scripts/read.sh exited with code 1.
• Shell help/entrypoint probe for scripts/trending.sh exited with code 1.

Automated result: Use Caution

Current public label: Use Caution

It lands on Use Caution because it communicates with an outside service, so the trust decision depends on how comfortable you are with that integration.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 10 medium

This research skill appears to make outbound HTTP calls. It did not expose any executable probes for the sandbox to run.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: Sandbox runtime smoke testing found no obvious scripts or entrypoints to probe.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

Automated result: Use Caution

Current public label: Use Caution

The current label still leans heavily on file-level review because the runtime lane did not have much executable behavior to test.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 info

Use this skill to operate and troubleshoot the `gsc` CLI in this repository.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: OpenClaw disconnected runtime validation completed cleanly in the isolated runner.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

• OpenClaw is available in the runner image as OpenClaw 2026.3.24 (cff6dc9).
• The skill matched the basic OpenClaw-oriented layout checks used for disconnected validation.
• SKILL.md does not explicitly mention OpenClaw; this may still be valid, but intent is less obvious.
• No obvious script files found; disconnected runtime evidence may remain shallow.
• No safe documented OpenClaw commands or package-script help probes were found; disconnected validation remains mostly structural.

Automated result: Trusted

Current public label: Trusted

It remains Trusted because the current findings are minor and documentation-focused rather than operationally risky.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 3 low, 1 info

Learn how to build and sell crypto trading bots for consistent profits.

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: Sandbox runtime smoke testing found no obvious scripts or entrypoints to probe.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

Automated result: Trusted

Current public label: Trusted

The current label still leans heavily on file-level review because the runtime lane did not have much executable behavior to test.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 info

幫你整加密貨幣自動交易機器人

Source: Workspace import

Originally ingested from a local workspace copy.

Runtime evidence: Sandbox runtime smoke testing found no obvious scripts or entrypoints to probe.

Used fake placeholder env vars in the sandbox; no real credentials were exposed.

Automated result: Trusted

Current public label: Trusted

The current label still leans heavily on file-level review because the runtime lane did not have much executable behavior to test.

Human review: none yet

The current public label is still relying on automation. A human has not weighed in yet.

Severity mix: 1 info