ClawHub

Project Brief Writer

v1.0.0

把零散需求、聊天和会议内容整理成项目任务书、边界、验收标准和风险清单。;use for project-brief, requirements, scope workflows;do not use for 生成法律合同, 替代正式需求审批.

0· 85·0 current·0 all-time
byvx:17605205782@52yuanchangxing
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (project brief writer) align with declared requirements (python3) and included resources (template, spec, examples). However, the included scripts contain additional audit utilities (directory_report, pattern_report, skill_audit, csv_report) that go beyond a minimal brief-generator; these functions allow scanning directories and multiple file types and performing pattern matching for secrets. This added functionality is plausible as a convenience for local audits, but is broader than the simple 'brief writer' description.
Instruction Scope
SKILL.md instructs the agent to run the local script using the skill's baseDir and otherwise to generate output from local templates. It does not instruct the agent to read system-wide files or network resources. The run.py script, however, can accept arbitrary filesystem paths and will recursively list and read many text file types for directory or pattern audits if invoked in those modes — so the runtime instructions are safe if used as intended (pointing to skill files or supplied inputs) but could read sensitive local files if the user/agent supplies broad paths.
Install Mechanism
No install spec; instruction-only with bundled Python script. Nothing is downloaded or extracted from external URLs, and the README/SELF_CHECK state only Python standard-library usage.
Credentials
The skill requires only python3 and declares no environment variables, credentials, or config paths. The code does not attempt to read environment variables or request secrets.
Persistence & Privilege
always is false and the skill does not request persistent or elevated privileges. It does not attempt to modify other skills or global agent settings; default autonomous invocation remains allowed (platform default) but is not combined with other concerning privileges.
Assessment
This skill appears coherent and local-only: it bundles a readable Python script and templates and asks only for python3. Before installing/using it: (1) inspect scripts/run.py yourself (it is included and human-readable); (2) run the provided smoke test with the example input to verify behavior; (3) avoid passing root/system directories or sensitive paths as the --input to the script because its directory/pattern-audit code can read many file types and could surface sensitive content in the generated report; (4) because it does not perform network calls or require credentials, risk is limited to local data exposure — consider running it in a restricted workspace or with sanitized inputs if you have sensitive files. If you need higher assurance, ask the publisher for provenance or run the script in an isolated container.

Like a lobster shell, security has layers — review code before you run it.

latestvk972yjwavks3v2jsgdzx1mc1b5837pqk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🗂️ Clawdis
OSmacOS · Linux · Windows
Binspython3

Comments