ClawHub

Dev Setup

v2.0.0

Set up macOS dev environments with automated install scripts for tools. Use when provisioning Macs, installing dev tools, configuring shells.

0· 119·0 current·0 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description say 'dev setup' logging and the included script implements a local CLI that writes/reads logs in ~/.local/share/dev-setup; no unrelated credentials, binaries, or network access are requested.
Instruction Scope
SKILL.md and the script limit actions to creating/reading/writing log files under the user's home (~/.local/share/dev-setup). This is within the stated purpose, but the metadata header lists runtime: python3 while the shipped executable is a bash script — a minor mismatch. The script reads/writes local files (expected).
Install Mechanism
No install spec; the skill is instruction-only plus a shell script. Nothing is downloaded or installed from external URLs.
Credentials
No environment variables, credentials, or external API keys are required. The script uses $HOME (expected) and only standard Unix tools.
Persistence & Privilege
Skill is not always-enabled and does not request system-wide configuration or modify other skills. It stores data only under ~/.local/share/dev-setup.
Assessment
This appears to be a local logging/tooling script and is generally safe: it only creates and reads files under ~/.local/share/dev-setup and does not call external services or ask for credentials. Things to consider before installing or running it: (1) SKILL.md metadata says runtime: python3 but the included executable is a bash script — confirm you run the right file and that your environment uses bash as expected. (2) The export JSON writer does not escape user input, so exported JSON may be malformed if entries contain quotes/newlines — avoid putting secret data into log entries. (3) The search uses grep with the raw term (no '--'), so very special inputs could be interpreted as grep options; avoid passing untrusted strings as search terms. (4) Review the script locally and run it in a limited environment or with non-privileged user before using widely on machines you care about.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ap75n65spyxx3z7fer8gt51836er2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments