Use this checklist before installing an agent skill from any external source.

• Verify the upstream repository URL.
• Check maintainers, release history, issue activity, and recent commits.
• Prefer signed releases or reproducible package sources where available.
• Treat newly published packages and copy-pasted install commands as untrusted.

• Read the complete SKILL.md before installation.
• Look for instructions that ask the agent to ignore policies, hide actions, or exfiltrate data.
• Check whether the skill requests broad filesystem, shell, network, browser, or credential access.
• Confirm that triggers are narrow enough for the intended use case.

• Inspect install scripts, postinstall hooks, package scripts, and helper binaries.
• Pin versions where possible.
• Run dependency audits for npm, Python, Cargo, Go, or other ecosystems used by the skill.
• Watch for typosquatting, dependency confusion, and unexpected binary downloads.

• Install first in a disposable project or container.
• Run with least privilege and without production secrets.
• Observe filesystem writes, network calls, and spawned processes.
• Remove the skill if behavior differs from the documented purpose.

• Re-review skills after upstream updates.
• Keep a local inventory of installed skills and versions.
• Disable unused skills.
• For regulated environments, document review evidence for revDSG, FINMA, or internal audit requirements.