Moderation policy

Skills run with real permissions inside your AI agent. Moderation is the most important thing this site does.

What we will not publish

• Skills that exfiltrate user data without explicit purpose
• Skills that bypass safety features of AI tools (jailbreaks)
• Skills that perform illegal actions — fraud, hacking, doxxing
• Skills designed to spam, harass, or impersonate
• Skills that impersonate official services without authorisation (e.g. claiming to be the government)
• Skills that move money or sign legal documents without user confirmation
• Skills that scrape services where the terms of service prohibit it
• Anything that violates standard content policy (CSAM, weapons, etc.)

What we require

• All network endpoints declared in permissions.network
• All file-system access declared in permissions.fileSystem
• All shell commands declared, or shell: false
• The full prompt visible in SKILL.md — no obfuscation, no hidden instructions
• Credentials supplied by the user, never embedded in the skill
• Third-party services contacted must be disclosed in the description
• An OSI-approved licence
• Readable code — no minification, no obfuscation
• English documentation (translations welcome but English required)

How submissions are reviewed

1. Schema validation. The manifest must conform to the skill schema.
2. Static analysis. We scan for hardcoded API keys, suspicious URLs, eval/exec patterns, path traversal, network calls to non-declared hosts.
3. Prompt-injection scan. We analyse SKILL.md for instructions to ignore user input, exfiltrate data, hidden whitespace payloads, or conflicting authority claims.
4. Dependency check. If a skill ships code with dependencies, those dependencies are reviewed.
5. AI review. A reviewer (Claude) scores the skill on clarity, safety, quality, risk, authenticity, and policy alignment.
6. Human review. A moderator approves, rejects, or requests changes. High-risk skills also run in an isolated sandbox.

Safety levels

• low — read-only or local file work; minimal data exposure
• medium — contacts external APIs, writes files
• high — performs network actions on user-authenticated services (refunds, payments, government services)
• restricted — manual deep review; may be rejected

Safety level is shown prominently on every skill page next to the version number.

After publication

• A Report link on every skill page goes straight to the moderation queue.
• Periodic re-scans catch newly-discovered vulnerabilities in dependencies and patterns.
• We can pull a skill instantly if abuse is confirmed.
• A public moderation log (anonymised) lists actions taken.

Reporting abuse

Email moderation@localskills.ai. Include the skill URL, the version you installed, and what happened. We acknowledge reports within 48 hours.

Liability

Skills are created and maintained by their authors. Localskills.ai is a directory. We do not warrant any skill against fitness for purpose, nor do we take responsibility for outcomes of running a skill. Authors are bound by our terms of service.

Last updated: 2026-05-20