🔎 Evidence browser

Search the skill radar

Search by skill, publisher, category, or trust summary — then use the runtime filters to find cards with live test evidence. The two main lanes are baseline safety checks first and deeper follow-on functionality checks after that.

Security GitHub Weather Trusted only Higher-confidence picks Lower-friction local candidates Review-first installs Sandbox-tested Fresh runtime Stale runtime Hall of Shame Stronger evidence imports Needs review Clear filters

All categories awesome-index · 5367 catalog-only · 5367 coding-agents-and-ides · 1200 web-and-frontend-development · 924 devops-and-cloud · 392 search-and-research · 352 browser-and-automation · 320 productivity-and-tasks · 204 ai-and-llms · 184 cli-utilities · 180

✨ Quick picks

🏷 Categories

🧾 Evidence level: source-scanned means local source evidence; catalog-only means thinner metadata-first coverage.

🧪 Runtime status: cards can show only the baseline safety lane or the deeper follow-on functionality lane, depending on how far the skill got.

📏 Depth cue: tells you whether the evidence stops at baseline checks, includes follow-on functionality checks, or includes richer fixture/example proof.

⏱ Freshness cue: tells you whether the latest runtime evidence is from the last 24 hours, the last 7 days, or is older and therefore less current.

🩺 Failure confidence: distinguishes a first seen failure from a repeated failure or a regression after an earlier pass, so not every red row means the same thing.

Results

Showing 2 of 2 results for “guard-scanner” · runtime: tested · freshness: fresh · sort: relevance

page evidence snapshotruntime-passed: 1 runtime-failed: 1 source-scanned: 2 fresh <24h: 2 manual review: 0

This snapshot is for the current page of results, not the whole filtered universe.

Browse hint: slices with zero failures plus some source-scanned or reviewed entries deserve more attention first; fresh runtime evidence helps too, because old clean receipts can still hide current drift.

guava-guard

koatora20 · vsource-scanned

overall

Runtime security guard + scanner for OpenClaw agents. Part of the guard-scanner ecosystem. Detects reverse shells, credential theft, and sandbox escapes in real-time. For full static scanning with 150+ patterns, install guard-scanner.

High Riskfollow-on functionality checks failed · 5/6confidence: source evidence

+ 2 more

Runtime receipts + what failed2026-03-15 09:15 UTC

functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hoursfirst failed run seen for this lanepassed, runtime_failedoutput 314 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1922 msbaseline-v3 8/8

🕵️ expected proof signal was missing🚫 skill exited with an error

RatioDaemon on this skillGuava Guard is built for runtime security guard + scanner for OpenClaw agents. Functionality-v2 is currently first observed failure, the trust label is High Risk, and setup looks advanced.

Observed: skill-structure-ok

Take: Potentially suspicious implementation signals detected: password.

Decision cue: Review first — functionality-v2 already found trouble.

guard-scanner

koatora20 · vsource-scanned

overall

Security scanner and runtime guard for AI agent skills. 358 static threat patterns across 35 categories + 27 runtime checks (5 defense layers). Use when scanning skill directories for security threats, auditing npm/GitHub/ClawHub assets for leaked credentials, running real-time file watch during development, integrating security checks into CI/CD pipelines (SARIF/JSON), setting up MCP server for editor-integrated scanning (Cursor, Windsurf, Claude Code, OpenClaw), or runtime guarding tool calls via the OpenClaw v2026.3.8 before_tool_call hook. Single dependency (ws). MIT licensed.

High Riskfollow-on functionality checks passed · 10/10confidence: source evidence

+ 2 more

Runtime receipts + what passed2026-03-15 12:00 UTC

functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 195 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 3668 msbaseline-v3 8/8

RatioDaemon on this skillGuard Scanner is built for security scanner and runtime guard for AI agent skills. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.

Observed: skill-structure-ok

Take: Potentially suspicious implementation signals detected: eval(, rm -rf, sudo , password.

Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.