ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Django Project Creator

v1.0.0

Automates Django or Django REST Framework project setup with preconfigured environments, default settings, and best-practice structures for fast, consistent...

0· 602·0 current·0 all-time
byNassi Mohammed@moenassi
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Django project bootstrap) align with the provided Python script and SKILL.md. The script creates projects/apps, writes Django files, and installs Django/DRF packages — all expected for this purpose.
Instruction Scope
SKILL.md and script direct the agent/user to create a venv, run pip installs, startproject/startapp, write urls/views/models, and run manage.py migrate. These actions are in-scope, but they modify local filesystem and run package installs and migrations, so they should be run in an appropriate directory/virtual environment.
Install Mechanism
No install spec (instruction-only) and only a single code file included. The script invokes pip to install packages from PyPI at runtime; this is expected for dependency provisioning but means external code will be fetched when the script runs.
Credentials
No environment variables, credentials, or config paths are requested. The script does not attempt to read or exfiltrate unrelated secrets. It performs local operations and network fetches limited to package installation (pip).
Persistence & Privilege
The skill does not request always:true, does not persist itself into agent configuration, and does not modify other skills or system-wide settings. It only writes files within the chosen project directory.
Assessment
This skill appears to do what it says: create Django or DRF projects and install packages. Before running it, review the included script and run it in a disposable directory or inside a fresh virtual environment because it will: (1) create files and directories under the path you provide, (2) call pip to download and install packages from PyPI, and (3) run manage.py migrate which may modify a local database. If you do not trust the author or you want to be extra cautious, inspect the script line-by-line, run it in an isolated container, or manually perform the steps instead of running the script as-is.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bb9k61nx44xdfy6c8ft69zs81ff67
602downloads
0stars
1versions
Updated 7h ago
v1.0.0
MIT-0
Nassi Mohammed@moenassi
latest
Download

This project eliminates the time wasted on creating virtual machines and setting up environments from scratch. It automatically provisions a ready-to-use development environment with commonly used default requirements, allowing you to choose between Django or Django REST Framework depending on your project needs.

The goal is to standardize and accelerate project initialization by providing a consistent, production-ready structure from day one. Instead of manually configuring dependencies, environments, and base settings, developers can instantly bootstrap a fully configured backend setup with best practices already applied.

  • Key features include:

  • Automated environment provisioning

  • Preconfigured project structure following best practices

  • Support for both Django and Django REST Framework

  • Default development and production-ready settings

  • Dependency management and isolated environments

  • Scalable foundation suitable for small projects or large deployments

This solution is ideal for developers and teams who want to focus on building features rather than repeatedly performing boilerplate setup tasks. It reduces human error, improves consistency across projects, and significantly speeds up the development workflow

Comments

Loading comments...