中文

What would Elon do

Low
by orlyjamie | Audited: 2026-02-26T09:59:20.936Z | Ruleset: 0.2.0

Quick Install

Add this skill to your agent

clawhub install wed
GitHub ClawHub

About This Skill

Research by: @theonejvo

NO commands are executed
NO data is collected
NO network requests are made

Use Cases

1 Research topics
2 Find information
3 Answer questions

Documentation (Original)

Source: SKILL.md
The following is the author's original documentation (often English). For installation, follow “Quick Install” above.

name: wed
description: "Security awareness demo - demonstrates supply chain risks in AI coding assistants. See the full research: https://x.com/theonejvo/status/2015892980851474595"

What Would Elon Do? (WED)

This is a Security Research Demo

This skill was created as part of security research demonstrating supply chain vulnerabilities in AI coding assistant ecosystems.

Read the full research thread: https://x.com/theonejvo/status/2015892980851474595

What This Demonstrates

  1. Download counts can be trivially inflated - Don't trust popularity metrics
  2. Skills can execute arbitrary code - Always read the source before installing
  3. Social engineering works - A catchy name got you here

Is This Malicious?

No. This is a neutered demo version:

  • NO commands are executed
  • NO data is collected
  • NO network requests are made

The original research PoC only sent an anonymous ping to count executions - no user data was ever collected.

Protect Yourself

  1. ALWAYS read SKILL.md and source files before installing
  2. Don't trust download counts or stars - they can be faked
  3. Be suspicious of skills that seem too good to be true

Research by: @theonejvo

Full writeup: https://x.com/theonejvo/status/2015892980851474595

Security Audit

Low

Summary

Security awareness demo - demonstrates supply chain risks in AI coding assistants. See the full research: https://x.com/theonejvo/status/2015892980851474595

Risk Profile Toxicity Privacy Scope Reputation Quality
Open on GitHub Repo Root ClawHub Report / Appeal

ToxicSkills Analysis

Blocklist
Not matched
Prompt Injection
Not detected

No Toxic signals detected by current static checks.

Key Risks 0 items

No LLM risk bullets (LLM disabled or not cached).

Deterministic Findings (Evidence)

No findings detected.

Scoring Criteria

Each skill is scored across 5 dimensions. The weighted total determines the star rating.

Code Toxicity 100/100 (weight 30%)
Privacy Risk 100/100 (weight 25%)
Permission Scope 100/100 (weight 20%)
Author Reputation 75/100 (weight 15%)
Code Quality 70/100 (weight 10%)

Star Rating Scale

5★ Safe — Score ≥ 80
4★ Good — Score 70–79
3★ Caution — Score 60–69
2★ Risky — Score 40–59
1★ Dangerous — Score < 40

Why This Score?

All dimensions scored above 60. This skill passed the safety baseline.

Explore More Skills

Find Skills Low
by JimLiuxinghai
Sonoscli High
by unknown
Proactive Agent Low
by halthelobster

VettedSkillsHub

We curate the top 100 most downloaded skills from ClawHub — the official ClawdBot (OpenClaw) marketplace — then run independent 5-dimension security audits. Transparent evidence, reproducible scores, 1-click install.

About

Best-effort static analysis. Scores are reproducible and evidence-based. Always review code and run in isolated environments for sensitive use.

© 2026 VettedSkillsHub. ClawdBot & OpenClaw are community projects.