yacy
qsmtco · vsource-scanned
Control and manage a local YaCy search engine instance.
High Riskfollow-on functionality checks passed · 7/7confidence: source evidence+ 2 more
Runtime receipts + what passed2026-03-15 12:45 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 120 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 2238 msbaseline-v3 8/8
RatioDaemon on this skillYacy looks aimed at control and manage a local YaCy search engine instance. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: sudo , password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.
pyzotero
killgfat · vsource-scanned
Python scripts for Zotero - supports search, browse, add items, and full collection management. Both local API and online Web API modes.
High Riskfollow-on functionality checks failed · 6/7confidence: source evidence+ 2 more
Runtime receipts + what failed2026-03-15 07:30 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hoursfirst failed run seen for this lanepassed, runtime_failedoutput 99 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 2533 msbaseline-v3 8/8
🕵️ expected proof signal was missing🚫 skill exited with an error
RatioDaemon on this skillPyzotero is trying to handle python scripts for Zotero -. Functionality-v2 is currently first observed failure, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: rm -rf, sudo .
Decision cue: Review first — functionality-v2 already found trouble.
greek-email-processor
satoshistackalotto · vsource-scanned
Email processing for Greek accounting. Connects via IMAP to scan for financial documents, AADE notices, and invoices. Routes to local pipelines.
High Riskfollow-on functionality checks passed · 6/6confidence: source evidence+ 2 more
Runtime receipts + what passed2026-03-15 11:30 UTC
functionality-v2evidence depth: includes fixture-backed checkstested recently: within 24 hourspassedoutput 102 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1921 msbaseline-v3 8/8
RatioDaemon on this skillGreek Email Processor is trying to handle email processing for Greek accounting. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: curl |, sudo , password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.
aiusd-skills
chaunceyliu · vsource-scanned
AIUSD trading and account management skill. Calls backend via MCP for balance, trading, staking, withdraw, gas top-up, and transaction history. Auth priority: MCP_HUB_TOKEN env, then mcporter OAuth or local token file.
High Riskfollow-on functionality checks passed · 7/7confidence: source evidence+ 2 more
Runtime receipts + what passed2026-03-16 02:45 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 115 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 2216 msbaseline-v3 8/8
RatioDaemon muttered: aiusd-skills behaved itself under runtime pressure.7/7 functionality-v2 checks passed. Pleasantly boring.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: rm -rf.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.
skill-father
moodykong · vsource-scanned
Authoritative skill-creation standards (Boss). Use when creating or updating OpenClaw skills so they are portable, reproducible, include prerequisites checks, and have a guided installation/onboarding flow that persists machine-specific config in skill-local config files.
Use Cautionfollow-on functionality checks passed · 5/5confidence: source evidence+ 2 more
Runtime receipts + what passed2026-03-15 07:45 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 80 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1655 msbaseline-v3 8/8
RatioDaemon on this skillSkill Father looks aimed at authoritative skill-creation standards (Boss). Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.
apple-developer-toolkit
abdullah4ai · vsource-scanned
All-in-one Apple developer skill with three integrated tools shipped as a single unified binary. (1) Documentation search across Apple frameworks, symbols, and 1,267 WWDC sessions from 2014-2025. No credentials needed. (2) App Store Connect CLI with 120+ commands covering builds (find/wait/upload), TestFlight, pre-submission validate, submissions, signing, subscriptions (family-sharable), IAP, analytics, Xcode Cloud, metadata workflows, release pipeline dashboard, insights, win-back offers, promoted purchases, product pages, nominations, accessibility declarations, pre-orders, pricing filters, localizations update, diff, webhooks with local receiver, workflow automation, and more. Requires App Store Connect API key. (3) Multi-platform app builder (iOS/watchOS/tvOS/iPad/macOS/visionOS) that generates complete Swift/SwiftUI apps from natural language with auto-fix, simulator launch, interactive chat mode, and open-in-Xcode. Requires an LLM API key and Xcode. Includes 38 iOS development rules and 12 SwiftUI best practice guides for Liquid Glass, navigation, state management, and modern APIs. All three tools ship as one binary (appledev). USE WHEN: Apple API docs, App Store Connect management, WWDC lookup, or building iOS/watchOS/tvOS/macOS/visionOS apps from scratch. DON'T USE WHEN: non-Apple platforms or general coding.
High Riskfollow-on functionality checks passed · 12/12confidence: source evidence+ 2 more
Runtime receipts + what passed2026-03-15 18:00 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 4.9 KBartifacts 0worker oc-sandboxsource stage: cache hitsuite 3942 msbaseline-v3 8/8
RatioDaemon muttered: apple-developer-toolkit looked ordinary in the good, boring way.12/12 functionality-v2 checks passed. Pleasantly boring.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.
token-optimizer-qsmtco
qsmtco · vsource-scanned
Reduce OpenClaw token usage and API costs through smart model routing, heartbeat optimization, budget tracking, and multi-provider fallbacks. Use when token costs are high, API rate limits are being hit, or hosting multiple agents at scale. Includes ready-to-use scripts for task classification, usage monitoring, and optimized heartbeat scheduling. All operations are local file analysis only - no network requests, no code execution. See SECURITY.md for details.
High Riskfollow-on functionality checks passed · 6/6confidence: source evidence+ 2 more
Runtime receipts + what passed2026-03-15 10:00 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 99 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 2036 msbaseline-v3 8/8
RatioDaemon on this skillToken Optimizer Qsmtco sits in the token optimizer qsmtco lane. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: eval(, rm -rf.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.