ClawHub

Startup Tools

v2.0.0

创业工具包。创业清单、公司注册、MVP规划、融资准备、法律合规、增长策略。Startup toolkit with checklist, register, MVP planning, fundraise, legal compliance.

1· 346·1 current·1 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (startup checklist, registration, MVP, fundraising, legal, growth) match the provided documentation and included scripts which produce guidance text. There are no unrelated requirements (no cloud credentials, no unusual binaries).
Instruction Scope
SKILL.md and tips.md instruct the agent to present guidance and to run the included scripts (bash scripts/startup.sh). The scripts only produce static guidance, accept simple command args (command, stage, industry), and read/write a local data directory. They do not access system secrets, network endpoints, or other unrelated files.
Install Mechanism
This is instruction-first with no install spec. The included shell scripts are plain text and do not download or install remote code.
Credentials
No required environment variables, credentials, or config paths are declared. The scripts use a local DATA_DIR (STARTUP_TOOLS_DIR or XDG_DATA_HOME or ~/.local/share/startup-tools) which is proportional to a note/logging feature.
Persistence & Privilege
always is false (normal). The scripts create and write to a per-user data directory (~/.local/share/startup-tools) and maintain history.log and data.log; this is reasonable for local persistence but worth noting that user data will be stored locally.
Assessment
This skill appears to do what it says: provide startup guidance and local utilities. It does create/modify files under a user data directory (STARTUP_TOOLS_DIR or ~/.local/share/startup-tools) and keeps history.log and data.log; avoid storing sensitive secrets there. The export command prints stored entries to stdout, so be mindful before running export around sensitive content. No network endpoints or credential requests are present. If you plan to let the agent invoke it autonomously, note that it only runs local scripts and logs locally (no external exfiltration observed).

Like a lobster shell, security has layers — review code before you run it.

latestvk9776q3xe8ksj53s5vy4dzztps8334vmproductivityvk97dwssbc6yb6m2kwx4eave7m182rbsn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments