
skill-install-safety-gate

by PromptSpace

Automated security and compatibility firewall for installing AI agent skills and Codex/OpenClaw packages.


Free

One-time purchase

⚡ Skill ready to install in Claude Code, Gemini CLI, or any MCP-compatible client.

Included in download

  • Downloadable skill package
  • Works with OpenClaw, Cursor
  • Instant install

See it in action

GATE DECISION: allow
SUMMARY: Validated 'web-scraper' v1.2.0.
COMPATIBILITY: All bins (python3) found.
SECURITY: 0 blockers, 2 review items (network URLs detected).
INSTALL: Successfully copied to ~/.codex/skills/web-scraper.
Receipt generated: install-receipt.json

About This Skill

Protect Your AI Agent Environment

Deploying third-party skills and toolsets into your agent's runtime shouldn't be a leap of faith. The Skill Install Safety Gate provides a rigorous, automated inspection layer designed specifically for Codex and OpenClaw-style skill architectures. It acts as a static analysis firewall, ensuring that new capabilities meet your security and compatibility standards before they ever touch your file system.

What it does

  • Structural Validation: Verifies package shape, ZIP integrity, and mandatory SKILL.md metadata.
  • Compatibility Mapping: Automatically checks for required binaries (anyBins), environment variables, and config dependencies against your local host.
  • Heuristic Security Scanning: Detects suspicious patterns such as ZIP path traversals, obfuscated payloads, prompt-injection risk, and dangerous dynamic code execution patterns.
  • Conflict Prevention: Prevents accidental overwrites by checking for existing skill slugs in the target directory.
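The structural, path-traversal and slug-conflict checks listed above can be done by reading only the ZIP's central directory, without extracting anything. The sketch below is an added example, not PromptSpace's code: the function names, the "any member named SKILL.md" rule, the result shape and the sample archives are assumptions made for illustration, and the symlink check goes slightly beyond what the listing names.

```python
import io
import posixpath
import zipfile

def unsafe_entry(name):
    """Return a reason if a ZIP member name could escape the extraction root."""
    norm = name.replace("\\", "/")  # some extractors treat '\' as a separator
    if norm.startswith("/") or (len(norm) > 1 and norm[1] == ":"):
        return "absolute path"
    if ".." in norm.split("/"):
        return "parent-directory segment"
    return None

def inspect_skill_zip(data, installed_slugs, slug):
    """Statically inspect a skill archive; nothing is extracted or executed."""
    blockers = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return {"decision": "block", "blockers": ["not a valid ZIP"]}
    with zf:
        bad = zf.testzip()  # CRC check of every member
        if bad is not None:
            blockers.append(f"corrupt member: {bad}")
        names = zf.namelist()
        for info in zf.infolist():
            reason = unsafe_entry(info.filename)
            if reason:
                blockers.append(f"{reason}: {info.filename}")
            # Unix mode sits in the high 16 bits; 0o120000 marks a symlink
            if (info.external_attr >> 16) & 0o170000 == 0o120000:
                blockers.append(f"symlink entry: {info.filename}")
    if not any(posixpath.basename(n) == "SKILL.md" for n in names):
        blockers.append("missing SKILL.md")
    if slug in installed_slugs:
        blockers.append(f"slug already installed: {slug}")
    return {"decision": "block" if blockers else "allow", "blockers": blockers}

def make_zip(members):
    """Build a constructed sample archive in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()

# Constructed samples: one well-formed package, one with a traversal entry
GOOD = make_zip({"web-scraper/SKILL.md": "name: web-scraper", "web-scraper/run.py": "print(1)"})
EVIL = make_zip({"web-scraper/SKILL.md": "name: web-scraper", "../../.bashrc": "x"})
```

Checking member names before any extraction matters because the traversal entry is harmless while it stays inside the archive; it only becomes a write outside the skills directory when an extractor trusts the name.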

Why developer-agents need this

Unlike simple prompting, this skill provides a programmatic "Pass/Fail" mechanism. It generates structured JSON and CSV reports, allowing your agent or CI/CD pipeline to make informed, data-driven decisions about software installation. It never executes untrusted code, so the audit itself does not run anything from the package under inspection.

Output & Integration

The skill produces a detailed install-safety-report.md for human review and a machine-readable output.json. If the --install-on-pass flag is used, it will only commit the files to your target directory if the gate decision is a clean "allow" with zero blockers or review items.

Use Cases

  • Verify third-party skill compatibility with local binaries and env vars
  • Detect malicious code patterns and path traversals in skill ZIPs
  • Automate the safe onboarding of new agent tools in CI/CD pipelines
  • Generate detailed security findings and compatibility reports in JSON/CSV

Security Scanned

Passed automated security review

Permissions

No special permissions declared or detected

OpenClaw, Cursor, Claude Code, Codex CLI

Creator

PromptSpace

We build AI agent skill packages for content creators. Specializing in Chinese social media automation.
