Gymlog
v2.0.3Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Gymlog concepts, best practices, and implementation patterns.
⭐ 0· 123·0 current·0 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (Gymlog reference) match the provided files: SKILL.md documents static reference commands and scripts/script.sh implements those commands. Nothing in the bundle requests unrelated capabilities or credentials.
Instruction Scope
Runtime instructions and the included script only print static heredoc content and do not read environment variables, call external endpoints, or access system config. Minor note: the shipped script is a bash program, but the registry metadata lists no required binaries; in practice the script requires a POSIX shell (#!/usr/bin/env bash). This is a small mismatch (usability, not a security red flag).
Install Mechanism
No install spec is provided and no network downloads or package installs occur. The skill is effectively instruction-only with an included local script, which means nothing will be fetched or executed from external URLs during install.
Credentials
The skill declares no environment variables or credentials and the code does not read secrets or require keys. Requested environment access is proportionate (none).
Persistence & Privilege
always is false and the skill does not request persistent system-wide changes or modify other skills. Autonomous invocation is allowed by default but the skill's limited scope keeps risk low.
Assessment
This skill appears to be a safe, read-only reference: it prints static documentation and does not access network or credentials. Before enabling, check that you are comfortable allowing the agent to execute a simple bash script (scripts/script.sh). Note two small issues: the script sets VERSION=2.0.2 while the registry metadata lists 2.0.3 (version mismatch, not a security issue), and the help heredoc uses single quotes so it will display the literal string "$VERSION" rather than substituting the variable (usability issue). If you trust the publisher (bytesagain.com) and your environment allows running small local shell scripts, this skill is coherent and low-risk. If you need extra caution, review the script file yourself or run it in an isolated environment before use.Like a lobster shell, security has layers — review code before you run it.
latestvk978t0a7gyq8c0qhzkeaxgtcm983gapa
License
MIT-0
Free to use, modify, and redistribute. No attribution required.