the corpus
63,697 OpenClaw skills, scanned
Browse ClawAudit's security verdicts for every OpenClaw / ClawHub skill. Every verdict is counted from code. Lead with the proof, then search the rest. See the security report for the ecosystem analysis, or how to audit a skill before installing.
scanned · capability combination flagged 4chad Dangerous network_out · credential_access reads env vars and reaches the network: the shape, not proof, of exfiltration scanned · no red flags ai-product-space Trusted — clean under static analysis. silence is the verdict.
the spread a judgment over the capabilities, not a raw measurement. see methodology
Trusted89%
Caution0.5%
Risky10.2%
Dangerous0.3%
| Skill | Score | Tier | Findings | Critical | Capabilities |
|---|---|---|---|---|---|
| 3d-pet-checkout-test | 18 | Dangerous | 7 | 1 | — |
| 3x-ui-vps | 18 | Dangerous | 8 | 0 | network_out |
| 4chad | 18 | Dangerous | 4 | 1 | network_out, credential_access |
| aapanel-5h3ll | 18 | Dangerous | 9 | 0 | network_in |
| abby-browser | 18 | Dangerous | 2 | 0 | — |
| abe-findmy-location | 18 | Dangerous | 4 | 0 | package_install, network_in, data_encoding |
| academic-writer | 18 | Dangerous | 4 | 0 | package_install |
| acp-coder | 18 | Dangerous | 4 | 1 | process_exec |
| adam-framework | 18 | Dangerous | 11 | 0 | — |
| adaptive-routing | 18 | Dangerous | 6 | 2 | network_out |
| adaptive-skill-evolver | 18 | Dangerous | 6 | 1 | network_in, credential_access |
| adguard-home | 18 | Dangerous | 6 | 1 | — |
| ads-claw2 | 18 | Dangerous | 1 | 0 | — |
| advertising-analysis | 18 | Dangerous | 2 | 0 | — |
| aegis | 18 | Dangerous | 7 | 1 | network_in, credential_access |
| aegis-bridge | 18 | Dangerous | 5 | 0 | network_out, file_write |
| aetup-automatik | 18 | Dangerous | 3 | 0 | — |
| agency-agents-wrapper | 18 | Dangerous | 12 | 2 | — |
| agent-architecture-patterns | 18 | Dangerous | 2 | 1 | — |
| agent-browser-conflict | 18 | Dangerous | 1 | 0 | package_install, dynamic_eval |
| agent-browser-disabled | 18 | Dangerous | 1 | 0 | package_install, dynamic_eval |
| agent-browser-jau771 | 18 | Dangerous | 1 | 0 | package_install, dynamic_eval |
| agent-browser-juan | 18 | Dangerous | 1 | 0 | package_install, dynamic_eval |
| agent-browser-skip | 18 | Dangerous | 1 | 0 | package_install, dynamic_eval |
| agent-browser-temp | 18 | Dangerous | 1 | 0 | package_install, dynamic_eval |
| agent-cluster | 18 | Dangerous | 12 | 1 | network_in |
| agent-discord | 18 | Dangerous | 4 | 0 | network_in |
| agent-mem | 18 | Dangerous | 6 | 0 | package_install |
| agent-memory-dna-v5 | 18 | Dangerous | 0 | 0 | — |
| agent-memory-patterns | 18 | Dangerous | 2 | 0 | agent_memory, file_write, credential_access |
| agent-slack | 18 | Dangerous | 3 | 0 | — |
| agentcp | 18 | Dangerous | 4 | 0 | — |
| agentforge-2 | 18 | Dangerous | 1 | 0 | credential_access, data_encoding |
| agentloop | 18 | Dangerous | 3 | 0 | — |
| agentpay-sdk | 18 | Dangerous | 5 | 2 | — |
| agile-workflow | 18 | Dangerous | 10 | 1 | package_install |
| ai-capsule | 18 | Dangerous | 8 | 0 | file_read, credential_access |
| ai-content-repurposer-lvjunjie | 18 | Dangerous | 4 | 1 | package_install, credential_access |
| ai-llm-data-automation | 18 | Dangerous | 3 | 2 | — |
| aigroup-browser-skill | 18 | Dangerous | 4 | 0 | — |
| aionis | 18 | Dangerous | 3 | 0 | — |
| aioz-pin-toolkit | 18 | Dangerous | 2 | 1 | credential_access, network_out |
| airoom-finance | 18 | Dangerous | 1 | 0 | package_install |
| aiusd | 18 | Dangerous | 3 | 0 | — |
| akaunting | 18 | Dangerous | 3 | 0 | network_in |
| akshare-financial-data | 18 | Dangerous | 2 | 0 | — |
| akshare-local-workbench | 18 | Dangerous | 8 | 0 | — |
| akshare-stock-analyzer | 18 | Dangerous | 2 | 0 | — |
| akshare-wrapper | 18 | Dangerous | 2 | 0 | package_install |
| alert-to-fault-handling | 18 | Dangerous | 2 | 0 | — |