Security First

Our security scoring system helps you identify safe, trustworthy AgentSkills for your OpenClaw deployment.

Understanding Security Scores

High Security (80-100)

Excellent security practices, minimal permissions, regular updates, and strong community trust.

Medium Security (60-79)

Generally safe but may have some concerns like broad permissions or limited updates.

Low Security (0-59)

Significant security concerns. Use with caution and only in isolated environments.

How We Score Security

Code Quality

25% weight
🔴
Type Safety
Uses TypeScript or similar type checking
🔴
Error Handling
Proper error handling and logging
🟡
Code Documentation
Clear comments and documentation
🟡
Code Style
Consistent coding style and patterns

Permissions & Access

30% weight
🔴
Minimal Permissions
Requests only necessary permissions
🔴
Permission Justification
Clear explanation for each permission
🔴
User Consent
Obtains user consent for sensitive actions
🟡
Access Controls
Proper access control mechanisms

Data Handling

20% weight
🔴
Data Encryption
Encrypts sensitive data at rest and in transit
🔴
Data Minimization
Collects only necessary data
🟡
Data Retention
Clear data retention policies
🟡
Third-party Sharing
Transparent about data sharing

Community & Maintenance

25% weight
🔴
Update Frequency
Regular updates and maintenance
🔴
Issue Response
Responsive to security issues
🟡
Community Reviews
Positive community feedback
🟡
Transparency
Open about security practices

Security Audit Examples

⚠️ Sample audit results — live audits coming in Q2 2026

clawhub

Audited on 2026-03-20 by Security Team
安全95/100

Excellent security practices with minimal permissions and strong code quality.

Strengths
  • Minimal permissions
  • Regular updates
  • Strong community trust
  • Transparent code
Areas for Improvement
  • None identified

feishu-doc

Audited on 2026-03-18 by Community Audit
安全92/100

Strong security with proper data handling and good permission management.

Strengths
  • Good data encryption
  • Clear permissions
  • Active maintenance
  • User consent
Areas for Improvement
  • Slightly complex permission model

coding-agent

Audited on 2026-03-15 by Automated Scan
⚠️警告75/100

Good functionality but needs improvement in permission justification.

Strengths
  • Good code quality
  • Active development
  • Helpful documentation
Areas for Improvement
  • Broad permissions
  • Limited error handling
  • Needs better data minimization

weather

Audited on 2026-03-10 by Security Team
安全85/100

Simple and secure with minimal data collection.

Strengths
  • Minimal data collection
  • Simple permissions
  • Good error handling
Areas for Improvement
  • Limited updates
  • Basic documentation

Security Best Practices

Check Permissions

Always review the permissions a skill requests. More permissions = higher risk.

Review Code Quality

Look for skills with good documentation, error handling, and type safety.

Check Update History

Regularly updated skills are more likely to have security fixes.

Read Community Reviews

Community feedback often reveals security concerns not caught in audits.

Want to Audit Your Skill?

Submit your AgentSkill for a free security audit. Get detailed feedback and improve your security score.

Average audit time: 3-5 business days • Free for open-source skills

85.2
Average Security Score
42
Skills Audited
78%
Pass Security Standards
24h
Avg. Issue Response Time