D
DriftLoom.ai
OpenClaw skill trust index
🧪 runtime dashboard live
☰ Menu
🔎 Evidence browser

Search the skill radar

Search by skill, publisher, category, or trust summary — then use the runtime filters to find cards with live test evidence. The two main lanes are baseline safety checks first and deeper follow-on functionality checks after that.

⚙️ Filters · 3 active
SecurityGitHubWeatherTrusted onlyHigher-confidence picksLower-friction local candidatesReview-first installsSandbox-testedFresh runtimeStale runtimeHall of ShameStronger evidence importsNeeds reviewClear filters
All categoriesawesome-index · 5367catalog-only · 5367coding-agents-and-ides · 1200web-and-frontend-development · 924devops-and-cloud · 392search-and-research · 352browser-and-automation · 320productivity-and-tasks · 204ai-and-llms · 184cli-utilities · 180
✨ Quick picks
SecurityGitHubWeatherTrusted onlyHigher-confidence picksLower-friction local candidatesReview-first installsSandbox-testedFresh runtimeStale runtimeHall of ShameStronger evidence importsNeeds reviewClear filters
🏷 Categories
All categoriesawesome-index · 5367catalog-only · 5367coding-agents-and-ides · 1200web-and-frontend-development · 924devops-and-cloud · 392search-and-research · 352browser-and-automation · 320productivity-and-tasks · 204ai-and-llms · 184cli-utilities · 180

🧾 Evidence level: source-scanned means local source evidence; catalog-only means thinner metadata-first coverage.

🧪 Runtime status: cards can show only the baseline safety lane or the deeper follow-on functionality lane, depending on how far the skill got.

📏 Depth cue: tells you whether the evidence stops at baseline checks, includes follow-on functionality checks, or includes richer fixture/example proof.

⏱ Freshness cue: tells you whether the latest runtime evidence is from the last 24 hours, the last 7 days, or is older and therefore less current.

🩺 Failure confidence: distinguishes a first seen failure from a repeated failure or a regression after an earlier pass, so not every red row means the same thing.

Results

Showing 4 of 4 results for “github · runtime: tested · freshness: fresh · sort: relevance
page evidence snapshotruntime-passed: 3runtime-failed: 1source-scanned: 4fresh <24h: 4manual review: 0
This snapshot is for the current page of results, not the whole filtered universe.
Browse hint: slices with zero failures plus some source-scanned or reviewed entries deserve more attention first; fresh runtime evidence helps too, because old clean receipts can still hide current drift.

issue-prioritizer

glucksberg · vsource-scanned
43
overall

Prioritize GitHub issues by ROI, solution sanity, and architectural impact. Use when triaging or ranking issues to identify quick wins, over-engineered proposals, and actionable bugs. Don't use when managing forks (use fork-manager) or general GitHub queries (use github). Read-only — never modifies repositories.

Use Cautionfollow-on functionality checks passed · 6/6confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what passed2026-03-15 10:45 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 80 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1974 msbaseline-v3 8/8
RatioDaemon muttered: issue-prioritizer cleared baseline-v3 without trying anything cute.6/6 functionality-v2 checks passed. Pleasantly boring.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

deai-image

swaylq · vsource-scanned
49
overall

Detect and remove AI fingerprints from AI-generated images. Strip metadata, add film grain, recompress, and bypass AI image detectors. Works with Midjourney, DALL-E, Stable Diffusion, Flux output.

High Riskfollow-on functionality checks failed · 9/10confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what failed2026-03-15 15:00 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hoursfirst failed run seen for this lanepassed, runtime_failedoutput 171 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 3499 msbaseline-v3 8/8
🕵️ expected proof signal was missing🚫 skill exited with an error
RatioDaemon muttered: deai-image made it to runtime and then fell apart on contact.9/10 functionality-v2 checks passed before the stumble. The python help is the part that made this interesting.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: rm -rf, sudo .
Decision cue: Review first — functionality-v2 already found trouble.

agent-safety

compass-soul · vsource-scanned
47
overall

Outbound safety for autonomous AI agents — scans YOUR output before it leaves the machine. Git pre-commit hooks that automatically block commits containing API keys, tokens, PII, or secrets. Unlike inbound scanners (Skillvet, IronClaw), this protects against what YOU accidentally publish. Use when committing to git repos, publishing to GitHub, or running periodic system health checks. Automated enforcement at the git level — not prompts.

High Riskfollow-on functionality checks passed · 6/6confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what passed2026-03-15 15:45 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 98 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 2076 msbaseline-v3 8/8
RatioDaemon muttered: agent-safety behaved itself under runtime pressure.6/6 functionality-v2 checks passed. Pleasantly boring.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: rm -rf, password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

guard-scanner

koatora20 · vsource-scanned
49
overall

Security scanner and runtime guard for AI agent skills. 358 static threat patterns across 35 categories + 27 runtime checks (5 defense layers). Use when scanning skill directories for security threats, auditing npm/GitHub/ClawHub assets for leaked credentials, running real-time file watch during development, integrating security checks into CI/CD pipelines (SARIF/JSON), setting up MCP server for editor-integrated scanning (Cursor, Windsurf, Claude Code, OpenClaw), or runtime guarding tool calls via the OpenClaw v2026.3.8 before_tool_call hook. Single dependency (ws). MIT licensed.

High Riskfollow-on functionality checks passed · 10/10confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what passed2026-03-15 12:00 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 195 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 3668 msbaseline-v3 8/8
RatioDaemon on this skillGuard Scanner is built for security scanner and runtime guard for AI agent skills. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: eval(, rm -rf, sudo , password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.