D
DriftLoom.ai
OpenClaw skill trust index
🧪 runtime dashboard live
☰ Menu
High Risknot manually reviewedcatalog importevidence: source-scanned

skill-store

Smart skill installation advisor for ClawHub. Searches for skills matching your needs, evaluates candidates on security (via skill-shield), code quality, and documentation, then produces a comparison report with a recommendation. Use when: looking for a skill to do something specific, comparing similar skills, or wanting a safety-checked recommendation before installing. Zero external dependencies.

49
overall score
Publisher
yx2601816404-sys
Version
source-scanned
Updated
2026-03-15
Tags
search-and-researchawesome-indexcatalog-only

Potentially suspicious implementation signals detected: password.

Install decision: Proceed carefully: suspicious signals are in play.
Caution signal
Suspicious signals detected
Review state
Static analysis only
Evidence points
26
Capability surface
6 capability signals
evidence snapshotnot tested yetnot tested yetno manual review yetsource-scanned evidence
Top row only: current live test result, deeper follow-on result, review presence, and evidence level. Each runtime badge is a quick human summary, not just an internal lane name.
Fresh runtime neighborsStale runtime neighbors

✉️ Quick review

No runtime postcard yet for this skill. Static evidence is available below, but the runtime lane has not touched it yet.

Evidence strengthStronger evidence: source-level scan available
Evidence basisSource-aware static scan of the upstream skill repo
Current runtime resultNo live runtime receipt yet, so the page is still relying on static evidence only.
Jump to technical runtime details

Before you install

✅ Good fit if...
  • You are specifically looking for search-and-research / awesome-index workflows.
🧰 Before you install...
  • Expect setup work: this skill references 9 env vars.
  • Assume outside service calls are part of the story: 7 external domain references showed up.
  • Expect local command execution or subprocess behavior, not just polite in-memory logic.
⚠️ Watch out for...
  • Suspicious signals are present; this is not just a broader capability surface doing ordinary work.
  • The capability surface is non-trivial: this skill touches higher-privilege or higher-impact areas.
  • No runtime verdict yet, so you are leaning harder on static evidence and documentation quality.

Why this label

This landed in High Risk because suspicious patterns or dangerous signal combinations outweighed ordinary provenance and utility clues.

Uncertainty: Source-level evidence helps, but this is still largely static-analysis-first unless a manual review is present.

Evidence strengthStronger evidence: source-level scan available
Suspicious signals1
Higher-impact signals7
Env / secret refs9
Network refs7
Shell signals3

Capability surface and suspicious signals

Capability surface

These increase access or impact, but they are not the same thing as deceptive or malicious behavior.

env vars: 9external refs: 7shell / subprocess usefile write signalsbrowser automationhigher-impact domains

Capability summary

Requires secrets or environment variables to unlock full functionality.References external services or network endpoints.Can invoke shell commands or subprocess-style behavior.
+ 3 more
Contains signs of writing, publishing, or persisting output.Includes browser automation references.Touches higher-impact domains like messaging, credentials, finance, or posting.

Suspicious behaviors

These are the signals that count much more heavily against the score.

suspicious signals detected
Suspicious implementation patterns detected: password.

Evidence

Env vars
CLAWHUB_WORKDIRDIREND
+ 6 more
PATHRATING_SCORESREADMESKILLSKILL_SHIELD_SCANNERSTART
Domains
github.com/openclaw/skills/commit/0194f78312054251261162046561eb49aef146c9github.com/openclaw/skills/commit/62b31aaf55d1b4b90d063b47b9ca9676865d161agithub.com/openclaw/skills/commit/84e670c4ce86fb5accff0878f4c1382ff8c0c4be
+ 4 more
github.com/openclaw/skills/commit/9e54cf0d92fc3a0154aafbf3189ab338105c9298github.com/openclaw/skills/commit/ad232a4ee29a7f88107f6fbf117613bd3ff5014agithub.com/openclaw/skills/commit/c3617efe088ff78331050a4ac80862d50ca7d6cegithub.com/openclaw/skills/commit/c553a781f98a0c1ca216bb8c139daea4d8f08b5f
Binaries
ffmpegghtmux
+ 3 more
pythonbashdocker
Shell signals
subprocessshellbash
Suspicious
password

Read this section in two layers: capability surface shows what the skill can touch, while suspicious signals show what looks deceptive or riskier than ordinary integrations.

🧪 Technical runtime details

No runtime suite recorded yet for this skill.

Publisher and provenance

Listed in the VoltAgent awesome-openclaw-skills catalog under Search And Research and lightly source-scanned from openclaw/skills. This is stronger evidence than catalog metadata alone, but still not a full runtime audit.

Source type: awesome-index

Source path: https://github.com/openclaw/skills/tree/main/skills/yx2601816404-sys/skill-store/SKILL.md

Source URL: https://github.com/openclaw/skills/tree/main/skills/yx2601816404-sys/skill-store/SKILL.md

Discovery category: Search And Research

Manual review

No human review yet. The scorecard is currently static-analysis-first.

Community signals

Community signals

These are community attention markers, not crowd-sourced truth. Click what feels especially worth flagging or reviewing.

Related skills

kefir-batch-manager

p-salmon · Trusted
83
overall

Comprehensive kéfir batch management system with cycle tracking, intelligent reminders, grain health monitoring, and recipe management. Use when managing kéfir fermentation cycles, tracking grain health, calculating ratios, scheduling reminders, or maintaining fermentation records.

echo-agent

krishna3554 · Trusted
82
overall

EchoAgent is a minimal OpenClaw-compatible skill.

japanese-tutor

chndranndr · Trusted
82
overall

Interactive Japanese learning assistant. Supports vocabulary, grammar, quizzes, roleplay, PDF/DOCX material parsing for study/homework help, and OCR translation.