# Yeah I think I understand what the


radiant rivet
lets thread here lol

@narrow spruce

steel sleet
On this, I never used claw hub or recommend it because everything scores as risky

Even when I put safe things in, it's risky haha

I don’t trust anything on it. It also should link and verify with GitHub, require a GitHub repo synced to releases, and have every release fire off a security inspection

And GitHub repos with fewer than 10k stars, sorry, can’t be on the curated claw hub lol

radiant rivet
Yeah when everything is risky nothing is risky

We have some of that for plugins, where GH repos are linked, but not for skills, I believe

Def should have skills be linked to a repo imo and just pull things like stars from there

narrow spruce
Yeah maybe part of this messaging is creating more nuance around skills. The first pass is more of a "should you even install this", the second is "how much HOTL supervision should I give this skill". How much blind trust can you give a skill to run autonomously because there's so little chance of a bad outcome.

In my case, yeah because of the nature of the tool, you do run some non-zero amount of risk that it makes a call which leads to an unwanted outcome, therefore it requires some amount of baby steps to find a workflow which works for you.

radiant rivet
I think the current prompting is way too aggressive about calling these out though

narrow spruce
Thanks, that's going to be useful to read. I'm just trying to figure out what my next steps should be. I don't own the CLI tool for interacting with Ghost, so I can't really make any modifications to it.
I think the only way to address this warning is to write an advisory guard in the SKILL.md to say that all destructive operations must be approved by the user. That's still flimsy, and can clearly be ignored.

Plus I can also document it saying that supervision of this skill's usage is important, and that you should give it an appropriate API key, avoiding global admin access where possible.

radiant rivet
thinking through this rn with my agent

radiant rivet
Okay so I think this is still just a UX problem.

Right now we collapse all the findings into a classification of "malicious"/"review"/"benign"

I think instead we should just report the number of findings, and then group those findings more clearly, e.g.

ClawScan detected 4 findings:
- 2 supervision required
- 1 security fix recommended
- 1 informational note

So for your skill it would hopefully be clear to users that this isn't a "warning", it's just some findings to keep in mind when deciding to use it.

Working on this now! I'll send a screenshot to get your feedback.