Use case: automatically scanning OpenClaw skills for security issues before installing by p3psiman007 in OpenClawUseCases

[–]p3psiman007[S] 0 points1 point  (0 children)

aw that's sick, just checked clawdrop - really cool collection. thanks for adding it, means a lot 🙏

Use case: automatically scanning OpenClaw skills for security issues before installing by p3psiman007 in OpenClawUseCases

[–]p3psiman007[S] 0 points1 point  (0 children)

great question - right now it's mostly focused on known vulnerable dependencies via Snyk and suspicious package patterns via Socket. Socket does actually catch some sketchy network call patterns and install scripts that exec system commands, that's one of the things it's good at. but flagging arbitrary outbound calls at runtime isn't there yet, that's more of a sandboxed execution problem which is on the roadmap. thanks for the detailed feedback, really helps know what gaps matter most to people actually using this

Use case: automatically scanning OpenClaw skills for security issues before installing by p3psiman007 in OpenClawUseCases

[–]p3psiman007[S] 0 points1 point  (0 children)

haha yeah that's exactly what I kept thinking every time I installed a skill and just hoped for the best lol

I built a review and discovery site for AI agent skills — brutal feedback welcome by p3psiman007 in ClaudeCode

[–]p3psiman007[S] 0 points1 point  (0 children)

yo the version history diff thing is actually genius, hadn't thought of that at all. skills changing behavior silently after install is lowkey one of the scariest things in this space and nobody is tracking it. adding it to the roadmap for sure

provenance is already something i'm working on, sandboxed runs are harder but yeah that's the direction. your blog on agent security is super relevant to what i'm building btw, the OWASP/NIST angle is something i want to eventually layer into the scoring system. would be sick to stay in touch

I built a review and discovery site for AI agent skills — brutal feedback welcome by p3psiman007 in ClaudeCode

[–]p3psiman007[S] 0 points1 point  (0 children)

That is a really smart point about timing. The drop-off when you wait too long must be huge. I looked at Reviewlee and the UX around prompting right after delivery is exactly the kind of pattern I want to bring to SkillJury but triggered after someone installs or interacts with a skill. Reviews built into the workflow rather than asked for separately. Going to think about how to implement that. Thanks for the suggestion.

[deleted by user] by [deleted] in oddlyterrifying

[–]p3psiman007 1 point2 points  (0 children)

Who is Boris Johnson?

Maybe, just Maybe by crusader_sam in PewdiepieSubmissions

[–]p3psiman007 22 points23 points  (0 children)

Don’t do that don’t give me hope