ClawHub

Container Runner

v3.0.2

Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Container Runner concepts, best practices, and implementation pat...

0· 296·0 current·0 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included files: SKILL.md and scripts/script.sh provide reference documentation and command output. Minor inconsistencies: registry/version metadata (3.0.2), SKILL.md header (3.0.1) and script VERSION (3.0.0) differ, and the quickstart text generically mentions "Required tools and access credentials" even though the skill itself does not require or request any credentials — these are documentation artifacts rather than functional mismatches.
Instruction Scope
SKILL.md states the skill outputs plain-text heredocs and requires no network or credentials. The included script simply prints static documentation for commands and does not read unspecified files, environment variables, or invoke network endpoints.
Install Mechanism
No install specification is provided and the skill is effectively instruction-only with a small helper script. Nothing is downloaded or written to disk by an installer; risk from installation is minimal.
Credentials
The skill declares no required environment variables, no credentials, and the script does not read or use env vars or secret-like paths. Requested privileges are proportional (none).
Persistence & Privilege
always is false, the skill does not request persistent presence or modify other skill/system configs. Autonomous invocation is permitted by default (platform normal) but the skill's actions are limited and local.
Assessment
This skill appears to be a benign, local reference tool that prints static documentation. If you plan to let the agent invoke it autonomously, note the agent will execute the included script locally when called (it only prints text). You may want to: 1) verify the small script is acceptable to run in your environment (it doesn't access network or secrets); 2) ignore the minor version/metadata inconsistencies (harmless documentation drift); and 3) if you prefer to avoid any autonomous execution at all, disable model invocation for the skill in your agent settings.

Like a lobster shell, security has layers — review code before you run it.

latestvk978dxr7xp125dbckrhhec6hnh83gash

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments