Vet skills before they run with real access

Skill Security & Vetting for OpenClaw & Hermes

Skill registries have shipped malicious packages. How to vet skills before they run — skill-vetter and SkillScan on OpenClaw, threat-scanned hubs on Hermes — and how to keep approval on your phone.

by sofiane8910 · June 5, 2026 · 5 min read

TL;DR

Skills run with your agent's permissions, and public registries have already seen malicious-skill campaigns — so vetting isn't optional. On OpenClaw, skills like skill-vetter, SkillScan, and arc-security-audit scan a skill before you trust it. Hermes hubs add automated threat scanning and agent-to-agent trust scoring. Install the safety skill before the fun ones.

Every skill you install is code that runs with your agent's permissions — its file system, its API keys, its shell. That's the whole point, and also the whole risk. Public skill registries have already seen malicious-skill campaigns, where a useful-looking skill quietly exfiltrates secrets or runs commands you never approved. The fix isn't to avoid skills; it's to vet them first.

That's why a security skill should be the earliest entry in your install history and the top of your priorities: you want it in place before you start adding the fun stuff.

Vetting on OpenClaw

OpenClaw's community has built a solid security layer on ClawHub. The standouts:

openclaw skills install skill-vetter

Run it against anything before granting real permissions. Because OpenClaw skills are downloaded from an open registry, this scan is your main line of defense.

Vetting on Hermes

Hermes pushes some of this up into the distribution layer. Skill hubs such as HermesHub run automated security scanning against a large threat-detection ruleset before a skill is listed, and add an agent-to-agent trust-scoring system so skills carry a reputation signal. You still review what runs, but the hub does a first pass for you.

OpenClaw vs Hermes at a glance

This matters most when you also run a self-improving agent — an agent writing its own skills should never run them unreviewed.

Running it from your phone

The strongest control is a human approval step, and it doesn't have to keep you at a desk. Onepilot puts that step on your phone: review a new or updated skill over SSH and greenlight it before it runs with real access, on either OpenClaw or Hermes.
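
One way to enforce that approval step on the agent host, as an added example (not Onepilot, OpenClaw or Hermes code): pin the SHA-256 of the skill contents a human reviewed, and treat any skill that is unpinned or has changed since as needing review. The skill layout, the file names and the approved-skills.json store are assumptions made for this example.

```python
import hashlib
import json
import tempfile
from pathlib import Path

def skill_digest(skill_dir: Path) -> str:
    """SHA-256 over every file's relative path and content, in sorted order."""
    h = hashlib.sha256()
    for p in sorted(skill_dir.rglob("*")):
        if p.is_symlink():
            # A link could pull in files that change outside the reviewed tree.
            raise ValueError(f"symlink in skill: {p}")
        if p.is_file():
            rel = p.relative_to(skill_dir).as_posix().encode()
            data = p.read_bytes()
            # Length prefixes keep path/content boundaries unambiguous.
            h.update(len(rel).to_bytes(8, "big") + rel)
            h.update(len(data).to_bytes(8, "big") + data)
    return h.hexdigest()

def load(approvals_file: Path) -> dict:
    """Read the pinned digests (hypothetical store: {skill name: digest})."""
    return json.loads(approvals_file.read_text()) if approvals_file.exists() else {}

def status(skill_dir: Path, approvals_file: Path) -> str:
    """Return 'new', 'updated' or 'approved' for the skill directory."""
    pinned = load(approvals_file).get(skill_dir.name)
    if pinned is None:
        return "new"
    return "approved" if pinned == skill_digest(skill_dir) else "updated"

def approve(skill_dir: Path, approvals_file: Path) -> None:
    """Record the reviewer's decision by pinning the digest that was reviewed."""
    approvals = load(approvals_file)
    approvals[skill_dir.name] = skill_digest(skill_dir)
    approvals_file.write_text(json.dumps(approvals, indent=2))

def demo() -> list:
    """Walk a constructed skill through install, approval and a later change."""
    with tempfile.TemporaryDirectory() as tmp:
        skill = Path(tmp) / "skills" / "weather-lookup"  # constructed sample skill
        skill.mkdir(parents=True)
        (skill / "SKILL.md").write_text("# weather-lookup\nFetch a forecast.\n")
        (skill / "run.sh").write_text("#!/bin/sh\necho forecast\n")
        approvals = Path(tmp) / "approved-skills.json"
        seen = [status(skill, approvals)]        # never reviewed
        approve(skill, approvals)
        seen.append(status(skill, approvals))    # matches the pinned digest
        (skill / "run.sh").write_text("#!/bin/sh\necho forecast\n# edited\n")
        seen.append(status(skill, approvals))    # content changed after review
        return seen
```

An agent launcher would call status() before loading a skill and refuse anything that does not come back as 'approved'.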

FAQ

Why do I need a security skill?

A skill is code that runs with your agent's permissions — its file access, its API keys, its shell. Public skill registries have already had malicious-skill campaigns, so a skill you install blind could exfiltrate secrets or run unwanted commands. A vetting skill scans for those patterns before you trust it.

What are the go-to vetting skills?

On OpenClaw: skill-vetter (security-first skill vetting), SkillScan, arc-security-audit (audits an agent's full skill stack), and agent-skills-audit (multi-pass code audit). On Hermes: hubs like HermesHub run automated scanning with a large threat-detection ruleset plus agent-to-agent trust scoring.

How do I stay in control when the agent runs autonomously?

Run the agent on an isolated host, keep secrets scoped, and require approval before new or updated skills run with real access. Onepilot puts that approval step on your phone over SSH, so you can vet and greenlight from anywhere without leaving the agent unattended.
