D
DriftLoom.ai
OpenClaw skill trust index
🧪 runtime dashboard live
☰ Menu
🔎 Evidence browser

Search the skill radar

Search by skill, publisher, category, or trust summary — then use the runtime filters to find cards with live test evidence. The two main lanes are baseline safety checks first and deeper follow-on functionality checks after that.

⚙️ Filters · 2 active
SecurityGitHubWeatherTrusted onlyHigher-confidence picksLower-friction local candidatesReview-first installsSandbox-testedFresh runtimeStale runtimeHall of ShameStronger evidence importsNeeds reviewClear filters
All categoriesawesome-index · 5367catalog-only · 5367coding-agents-and-ides · 1200web-and-frontend-development · 924devops-and-cloud · 392search-and-research · 352browser-and-automation · 320productivity-and-tasks · 204ai-and-llms · 184cli-utilities · 180
✨ Quick picks
SecurityGitHubWeatherTrusted onlyHigher-confidence picksLower-friction local candidatesReview-first installsSandbox-testedFresh runtimeStale runtimeHall of ShameStronger evidence importsNeeds reviewClear filters
🏷 Categories · catalog-only
All categoriesawesome-index · 5367catalog-only · 5367coding-agents-and-ides · 1200web-and-frontend-development · 924devops-and-cloud · 392search-and-research · 352browser-and-automation · 320productivity-and-tasks · 204ai-and-llms · 184cli-utilities · 180

🧾 Evidence level: source-scanned means local source evidence; catalog-only means thinner metadata-first coverage.

🧪 Runtime status: cards can show only the baseline safety lane or the deeper follow-on functionality lane, depending on how far the skill got.

📏 Depth cue: tells you whether the evidence stops at baseline checks, includes follow-on functionality checks, or includes richer fixture/example proof.

⏱ Freshness cue: tells you whether the latest runtime evidence is from the last 24 hours, the last 7 days, or is older and therefore less current.

🩺 Failure confidence: distinguishes a first seen failure from a repeated failure or a regression after an earlier pass, so not every red row means the same thing.

Results

Showing 24 of 241 results for “security · category: catalog-only · sort: relevance
page evidence snapshotruntime-passed: 3runtime-failed: 2source-scanned: 19fresh <24h: 3manual review: 0
This snapshot is for the current page of results, not the whole filtered universe.
Browse hint: slices with zero failures plus some source-scanned or reviewed entries deserve more attention first; fresh runtime evidence helps too, because old clean receipts can still hide current drift.

skill-vettr

britrik · vsource-scanned
53
overall

Static analysis security scanner for third-party OpenClaw skills.

High Riskconfidence: source evidencesource-scanned
+ 1 more
suspicious
Take: Potentially suspicious implementation signals detected: eval(, rm -rf, password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

skill-trust-auditor

jonathanjing · vsource-scanned
52
overall

Audit a ClawHub skill for security risks BEFORE installation.

High Riskconfidence: source evidencesource-scanned
+ 1 more
suspicious
Take: Potentially suspicious implementation signals detected: curl |, sudo , password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

1sec-security

cutmob · vsource-scanned
49
overall

Install, configure, and manage 1-SEC — an open-source, all-in-one

High Riskconfidence: source evidencesource-scanned
+ 1 more
suspicious
Take: Potentially suspicious implementation signals detected: rm -rf, sudo .
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

safe-backup

hacksing · vsource-scanned
41
overall

Backup OpenClaw state directory and workspace with security best practices.

High Riskfollow-on functionality checks failed · 5/6confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what failed2026-03-15 16:15 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hoursfirst failed run seen for this lanepassed, runtime_failedoutput 227 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1976 msbaseline-v3 8/8
🕵️ expected proof signal was missing🚫 skill exited with an error
RatioDaemon muttered: The runtime lane gave safe-backup a chance to act normal. It declined and made it to runtime and then fell apart on contact.5/6 functionality-v2 checks passed before the stumble. The shell syntax is the part that made this interesting.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: rm -rf, password.
Decision cue: Review first — functionality-v2 already found trouble.

bunni-modes

dubhorizoned · vcatalog
57
overall

A persona and model-switching toolkit featuring Bunni, your bubbly cyber-security assistant.

Insufficient Evidenceconfidence: limited evidencecatalog-only
+ 1 more
privileged capability
Take: Indexed from the community catalog. Source-aware static analysis and manual review are still pending.
Decision cue: Thin evidence slice — do not treat this card like a verified green light.

firebase-auth-setup

guifav · vsource-scanned
39
overall

Configures Firebase Authentication — providers, security rules, custom claims, and React auth hooks

High Riskfollow-on functionality checks passed · 5/5confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what passed2026-03-14 11:45 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 7 dayspassedoutput 80 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1584 msbaseline-v3 8/8
RatioDaemon on this skillFirebase Auth Setup is trying to handle firebase auth setup. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

git-sentinel

corezip · vcatalog
57
overall

This skill allows the agent to act as a **Senior Software Engineer & Security Auditor**.

Insufficient Evidenceconfidence: limited evidencecatalog-only
+ 1 more
privileged capability
Take: Indexed from the community catalog. Source-aware static analysis and manual review are still pending.
Decision cue: Thin evidence slice — do not treat this card like a verified green light.

tech-security-audit

jacqueslauren · vsource-scanned
73
overall

This skill integrates Nmap scanning functionality to perform local network vulnerability assessments.

Trustedconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found normal operational surface via environment, network, or shell-related references.
Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

simple-redux

tjade273 · vsource-scanned
58
overall

Formats text according to specified style guidelines. A clean example skill with no security issues.

Use Cautionconfidence: source evidencesource-scanned
+ 1 more
suspicious
Take: Potentially suspicious implementation signals detected: eval(.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

efka-api-integration

satoshistackalotto · vsource-scanned
29
overall

Greek social security (EFKA) integration — employee records, contribution calculations, APD declarations. Human approval for submissions.

High Riskfollow-on functionality checks passed · 6/6confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what passed2026-03-15 00:00 UTC
functionality-v2evidence depth: includes fixture-backed checkstested recently: within 7 dayspassedoutput 102 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1901 msbaseline-v3 8/8
RatioDaemon on this skillEfka Api Integration looks aimed at efka api integration. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: curl |, sudo , password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

cybercentry-solidity-code-verification

cybercentry · vcatalog
57
overall

Cybercentry Solidity Code Verification on ACP - Fast, automated security analysis of Solidity smart contract code.

Insufficient Evidenceconfidence: limited evidencecatalog-only
+ 1 more
privileged capability
Take: Indexed from the community catalog. Source-aware static analysis and manual review are still pending.
Decision cue: Thin evidence slice — do not treat this card like a verified green light.

skillsentry

poolguy24 · vsource-scanned
49
overall

OpenClaw security audit + prompt injection detector. Scans gateway/vulns/cron/PI patterns. Use for frenzy-proofing installs.

Use Cautionconfidence: source evidencesource-scanned
+ 1 more
suspicious
Take: Potentially suspicious implementation signals detected: rm -rf.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

ntopng-admin

transcendenceia · vsource-scanned
48
overall

Professional network monitoring and device identification using ntopng Redis data. Designed for security auditing and diagnostic environments.

Use Cautionconfidence: source evidencesource-scanned
+ 1 more
suspicious
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

dependency-audit

fratua · vsource-scanned
60
overall

Smart dependency health check — security audit, outdated detection, unused deps, and prioritized update plan

Trustedconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found normal operational surface via environment, network, or shell-related references.
Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

cybercentry-web-application-verification

cybercentry · vcatalog
57
overall

Cybercentry Web Application Verification on ACP - OWASP-powered security scans for websites, dApp frontends.

Insufficient Evidenceconfidence: limited evidencecatalog-only
+ 1 more
privileged capability
Take: Indexed from the community catalog. Source-aware static analysis and manual review are still pending.
Decision cue: Thin evidence slice — do not treat this card like a verified green light.

enoch-tuning

enochosbot-bot · vcatalog
57
overall

A battle-tested OpenClaw setup with pre-wired identity, memory architecture, security protocols, and automation.

Insufficient Evidenceconfidence: limited evidencecatalog-only
+ 1 more
privileged capability
Take: Indexed from the community catalog. Source-aware static analysis and manual review are still pending.
Decision cue: Thin evidence slice — do not treat this card like a verified green light.

skill-update-delta-monitor

andyxinweiminicloud · vsource-scanned
53
overall

Helps detect security-relevant changes in AI skills after installation.

Insufficient Evidenceconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found normal operational surface via environment, network, or shell-related references.
Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

benlee-skillguard

benlee2144 · vsource-scanned
57
overall

Security scanner that audits OpenClaw skills for malicious code, prompt injection, supply chain attacks, data exfiltration, and more

High Riskfollow-on functionality checks failed · 6/7confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what failed2026-03-15 20:30 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hoursfirst failed run seen for this lanepassed, expectation_failedoutput 99 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 2450 msbaseline-v3 8/8
🕵️ expected proof signal was missing
RatioDaemon muttered: benlee-skillguard talked a big game, then missed its own proof signal.6/7 functionality-v2 checks passed before the stumble. The requirements txt shape is the part that made this interesting.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: eval(, password.
Decision cue: Review first — functionality-v2 already found trouble.

ztp

thomastrumpp · vsource-scanned
49
overall

A mandatory security audit skill for validating new code, skills, and MCP servers against the SEP-2026 Zero Trust protocol.

High Riskconfidence: source evidencesource-scanned
+ 1 more
suspicious
Take: Potentially suspicious implementation signals detected: eval(, rm -rf.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

hostinger-vps-optimizer

gblockchainnetwork · vsource-scanned
69
overall

Apply battle-tested optimizations for KVM/Cloud VPS: kernel tuning, caching, security hardening, auto-scaling.

Trustedconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found normal operational surface via environment, network, or shell-related references.
Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

subagent-architecture

donovanpankratz-del · vsource-scanned
61
overall

Advanced patterns for specialized subagent orchestration with production-ready reference implementations. Security isolation, phased implementation, peer collaboration, and cost-aware spawning.

Use Cautionconfidence: source evidencesource-scanned
+ 1 more
suspicious
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

openapi-deep-audit

prathameshppawar · vsource-scanned
53
overall

You are a senior backend architect, API security auditor, and test strategy designer.

Insufficient Evidenceconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found normal operational surface via environment, network, or shell-related references.
Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

cloudflare-guard

guifav · vsource-scanned
45
overall

Configures and manages Cloudflare DNS, caching, security rules, rate limiting, and Workers

Insufficient Evidenceconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found higher-privilege capability areas (token), but that alone is not evidence of malicious behavior.
Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

sovereign-project-guardian

ryudi84 · vsource-scanned
40
overall

Project health and best practices enforcer. Checks security, quality, documentation, CI/CD, and dependencies. Produces a letter grade (A-F) with actionable fixes.

Use Cautionfollow-on functionality checks passed · 5/5confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what passed2026-03-16 04:30 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 80 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1624 msbaseline-v3 8/8
RatioDaemon on this skillSovereign Project Guardian looks aimed at project health and best practices enforcer. Baseline-v3 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.
« First← Prev156711Page 6 / 11Next →Last »