ClawHub

Web Profiler

v1.0.0

Provides a development tool that gives detailed information about the execution of any request web profiler bundle, twig, component, dev, php, symfony.

0· 89·1 current·1 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description match the included script and SKILL.md: a CLI tool for recording, searching, exporting, and reporting profiling entries. Required capabilities (local file storage) are appropriate for the stated purpose.
Instruction Scope
SKILL.md instructs the agent to run local commands and the script implements those commands. All runtime actions are limited to reading/writing log files under the user's home directory; there are no instructions to read unrelated system files, environment variables, or to send data to external endpoints.
Install Mechanism
No install spec (instruction-only), but the repository includes a shell script (scripts/script.sh) that is the implementation. The script does not download or execute remote code. NOTE: running the script will create and write files under ~/.local/share/web-profiler.
Credentials
The skill requests no environment variables or credentials. It uses $HOME for a local data directory, which is proportional to a CLI logging tool. There are no unrelated secrets or config paths requested.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or global agent configuration. Its persistent footprint is limited to its own data directory under the user's home.
Assessment
This appears to be a benign local logging/profiling tool. Before installing or running: (1) review scripts/script.sh yourself (it will create ~/.local/share/web-profiler and write log/export files there); (2) avoid entering secrets or sensitive data into the tool because user-provided input is logged; (3) if you intend to share exported data, check the export output for formatting issues (there's a minor bug risk in the JSON export implementation); (4) if you need remote reporting or integrations, consider whether local-only behavior is sufficient or if you require a different tool that explicitly supports secure network transfer.

Like a lobster shell, security has layers — review code before you run it.

latestvk970fkc311d0c195sseyf3jg5d836vxz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments