issue-prioritizer
glucksberg · vsource-scanned
Prioritize GitHub issues by ROI, solution sanity, and architectural impact. Use when triaging or ranking issues to identify quick wins, over-engineered proposals, and actionable bugs. Don't use when managing forks (use fork-manager) or general GitHub queries (use github). Read-only — never modifies repositories.
Use Cautionfollow-on functionality checks passed · 6/6confidence: source evidence+ 2 more
Runtime receipts + what passed2026-03-15 10:45 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 7 dayspassedoutput 80 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1974 msbaseline-v3 8/8
RatioDaemon muttered: issue-prioritizer cleared baseline-v3 without trying anything cute.6/6 functionality-v2 checks passed. Pleasantly boring.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.
odoo-connector
nullnaveen · vsource-scanned
repository: https://github.com/NullNaveen/openclaw-odoo-skill
High Riskfollow-on functionality checks failed · 8/9confidence: source evidence+ 2 more
Runtime receipts + what failed2026-03-16 11:45 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hoursfirst failed run seen for this lanepassed, expectation_failedoutput 154 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 3049 msbaseline-v3 8/8
🕵️ expected proof signal was missing
RatioDaemon muttered: The runtime lane gave odoo-connector a chance to act normal. It declined and talked a big game, then missed its own proof signal.8/9 functionality-v2 checks passed before the stumble. The requirements txt shape is the part that made this interesting.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Review first — functionality-v2 already found trouble.
odoo-erp-connector
nullnaveen · vsource-scanned
repository: https://github.com/NullNaveen/openclaw-odoo-skill
High Riskfollow-on functionality checks failed · 8/9confidence: source evidence+ 2 more
Runtime receipts + what failed2026-03-16 08:30 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hoursfirst failed run seen for this lanepassed, expectation_failedoutput 154 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 3073 msbaseline-v3 8/8
🕵️ expected proof signal was missing
RatioDaemon muttered: The runtime lane gave odoo-erp-connector a chance to act normal. It declined and talked a big game, then missed its own proof signal.8/9 functionality-v2 checks passed before the stumble. The requirements txt shape is the part that made this interesting.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Review first — functionality-v2 already found trouble.
gcp-fullstack
guifav · vsource-scanned
Full-stack super agent for projects on Google Cloud Platform with GitHub and Cloudflare — covers scaffolding, compute, database, auth, deploy, CDN, and security
High Riskfollow-on functionality checks passed · 5/5confidence: source evidence+ 2 more
Runtime receipts + what passed2026-03-14 14:30 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 7 dayspassedoutput 80 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1619 msbaseline-v3 8/8
RatioDaemon on this skillGcp Fullstack is trying to handle gcp fullstack. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.
agent-safety
compass-soul · vsource-scanned
Outbound safety for autonomous AI agents — scans YOUR output before it leaves the machine. Git pre-commit hooks that automatically block commits containing API keys, tokens, PII, or secrets. Unlike inbound scanners (Skillvet, IronClaw), this protects against what YOU accidentally publish. Use when committing to git repos, publishing to GitHub, or running periodic system health checks. Automated enforcement at the git level — not prompts.
High Riskfollow-on functionality checks passed · 6/6confidence: source evidence+ 2 more
Runtime receipts + what passed2026-03-15 15:45 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 98 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 2076 msbaseline-v3 8/8
RatioDaemon muttered: agent-safety behaved itself under runtime pressure.6/6 functionality-v2 checks passed. Pleasantly boring.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: rm -rf, password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.
guard-scanner
koatora20 · vsource-scanned
Security scanner and runtime guard for AI agent skills. 358 static threat patterns across 35 categories + 27 runtime checks (5 defense layers). Use when scanning skill directories for security threats, auditing npm/GitHub/ClawHub assets for leaked credentials, running real-time file watch during development, integrating security checks into CI/CD pipelines (SARIF/JSON), setting up MCP server for editor-integrated scanning (Cursor, Windsurf, Claude Code, OpenClaw), or runtime guarding tool calls via the OpenClaw v2026.3.8 before_tool_call hook. Single dependency (ws). MIT licensed.
High Riskfollow-on functionality checks passed · 10/10confidence: source evidence+ 2 more
Runtime receipts + what passed2026-03-15 12:00 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 195 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 3668 msbaseline-v3 8/8
RatioDaemon on this skillGuard Scanner is built for security scanner and runtime guard for AI agent skills. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: eval(, rm -rf, sudo , password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.