#23372: Skills: quarantine ClawHub installs until explicitly enabled

by bmendonca3 open 2026-02-22 08:03
docs cli agents size: M trusted-contributor
## Summary

- quarantine ClawHub-installed workspace skills by default (detected via `.clawhub/lock.json`)
- require explicit opt-in (`skills.entries.<skillKey>.enabled=true`) before quarantined skills become eligible
- add `openclaw skills enable <name>` and `openclaw skills disable <name>` commands for explicit activation/deactivation
- update skills and ClawHub docs to reflect the explicit enable flow

## Why

Third-party marketplace skills should be treated as untrusted until a user explicitly enables them.

## Tests

- pnpm test src/agents/skills.config.quarantine.test.ts src/cli/skills-cli.test.ts
- pnpm test:e2e src/agents/skills.buildworkspaceskillstatus.e2e.test.ts src/cli/skills-cli.e2e.test.ts
- pnpm tsgo
- pnpm check *(currently reports an existing formatting issue in `docs/gateway/security/index.md` on this upstream snapshot)*

<h3>Greptile Summary</h3>

Implements security-by-default quarantine for ClawHub-installed skills by requiring explicit opt-in before marketplace skills become eligible. Skills tracked in `.clawhub/lock.json` are now disabled by default until users run `openclaw skills enable <name>`.

**Key changes:**

- Added `isSkillQuarantinedByDefault()` function that checks `.clawhub/lock.json` with file-stat caching (2s TTL)
- Skills from `openclaw-workspace` source matching lock.json entries are quarantined unless `enabled: true` in config
- New CLI commands `openclaw skills enable/disable <name>` that upsert config entries
- Documentation updated across four files to reflect the explicit enable flow
- Test coverage includes unit tests for quarantine logic and e2e tests for the enable flow

<h3>Confidence Score: 4/5</h3>

- Safe to merge with minor considerations around cache staleness
- Well-tested security feature with comprehensive documentation. The implementation is sound with good separation of concerns. Cache TTL of 2s is appropriate for the use case. The only potential edge case is cache staleness during concurrent operations, but this is unlikely to cause security issues (only UX inconvenience).
- No files require special attention

<sub>Last reviewed commit: 19fc569</sub>
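The quarantine rule described above, sketched as an added example (not code from this PR or from OpenClaw), with a simplified TTL-only cache standing in for the file-stat cache. The lock-file shape, the fail-closed handling of an unreadable lock, the "explicit disable wins" rule and all function and type names are assumptions; only `openclaw-workspace`, the `enabled` flag and the 2s TTL come from the page.

```typescript
// Added example, not OpenClaw's code. The lock-file shape and every name here
// except "openclaw-workspace" and skills.entries.<skillKey>.enabled are assumptions.
type Skill = { key: string; name: string; source: string };
type SkillsConfig = { entries?: Record<string, { enabled?: boolean }> };
type LockState = { names: string[]; unreadable: boolean };

const TTL_MS = 2000; // the 2s TTL mentioned in the review summary

// Assumed shape: {"skills": {"<name>": {...}}}; null means no lock file exists.
function parseLock(raw: string | null): LockState {
  if (raw === null) return { names: [], unreadable: false };
  try {
    const skills = JSON.parse(raw)?.skills;
    if (typeof skills !== "object" || skills === null) throw new Error("bad shape");
    return { names: Object.keys(skills), unreadable: false };
  } catch {
    // Fail closed: an unreadable lock quarantines every workspace skill.
    return { names: [], unreadable: true };
  }
}

// Reader and clock are injected so the TTL can be exercised without disk access.
function makeLockCache(read: () => string | null, now: () => number): () => LockState {
  let cached: { at: number; state: LockState } | undefined;
  return () => {
    const t = now();
    if (!cached || t - cached.at >= TTL_MS) cached = { at: t, state: parseLock(read()) };
    return cached.state;
  };
}

function quarantinedByDefault(skill: Skill, lock: LockState): boolean {
  if (skill.source !== "openclaw-workspace") return false;
  return lock.unreadable || lock.names.indexOf(skill.name) !== -1;
}

function isEligible(skill: Skill, lock: LockState, cfg: SkillsConfig): boolean {
  const entry = cfg.entries?.[skill.key];
  if (entry?.enabled === false) return false; // explicit disable always wins
  return quarantinedByDefault(skill, lock) ? entry?.enabled === true : true;
}

// Constructed sample input: one marketplace skill recorded in the lock file.
const SAMPLE_LOCK = '{"skills": {"pdf-tools": {}}}';
const pdfTools: Skill = { key: "pdf-tools", name: "pdf-tools", source: "openclaw-workspace" };
console.log(isEligible(pdfTools, parseLock(SAMPLE_LOCK), {}));
console.log(isEligible(pdfTools, parseLock(SAMPLE_LOCK), { entries: { "pdf-tools": { enabled: true } } }));
```

In this sketch a skill added to the lock inside the TTL window is not reported as quarantined until the cached entry expires, which is the staleness window a reviewer would want a test for.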