TreeListy
v1.0.0
Hierarchical project decomposition and planning. Use when breaking down complex projects, structuring information, planning multi-step workflows, or organizing any nested hierarchy. Supports 21 specialized patterns (WBS, GTD, Philosophy, Sales, Film, etc.) and exports to JSON, Markdown, and Mermaid diagrams.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (hierarchical decomposition, 21 patterns, exports) matches the included files: decompose, export, patterns, validate, push and a CLI. Requesting node makes sense. No unexpected credentials or unrelated binaries are required.
Instruction Scope
SKILL.md simply instructs the agent to run the local Node CLI scripts (patterns, decompose, export, validate, push). The CLI reads user-supplied files or stdin (expected). However the pre-scan flagged 'system-prompt-override' and 'unicode-control-chars' patterns in SKILL.md — I could not find an obvious explicit system-prompt overwrite in the visible text, so this may be a false positive or hidden characters; it should be inspected for invisible/control characters or embedded instructions before trusting it.
Install Mechanism
There is no registry install spec in the skill bundle. The package.json and package-lock.json show a single npm dependency (ws) fetched from the public npm registry — a low/expected install footprint. No downloads from personal servers or shortened URLs are present.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The behavior (reading only user-specified input files and optional local push) is proportionate to the stated purpose.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does not modify other skills or system-wide configs. CLI can be invoked autonomously per platform defaults, but that is normal and flagged as expected.
Scan Findings in Context
[system-prompt-override] unexpected: The static pre-scan detected patterns that often indicate attempts to inject instructions into the agent's system prompt. The visible SKILL.md looks like a normal manifest, so this may be a false positive or due to hidden/unicode-control characters. Inspect SKILL.md for invisible control chars or unusual YAML that could try to influence the agent runtime.
[unicode-control-chars] unexpected: Control/unicode-override characters were detected in SKILL.md. These can be used to hide text or alter how the file is interpreted. Even if content appears benign, verify the file with a hex viewer or strip control characters before use.
What to consider before installing
TreeListy is mostly coherent with its description: it runs local Node scripts to decompose and export hierarchical trees and optionally pushes to a running TreeListy instance. Before installing or running it, do the following checks:
1) Inspect SKILL.md and README for hidden or non-printable characters (open in a hex editor or run a filter to show/control chars). The pre-scan flagged possible prompt-injection patterns — treat those as suspicious until proven benign.
2) Review push.js and the CLI: the push command is intended to connect to localhost (a browser-based MCP bridge), but the code accepts a host parameter — do not use a remote host unless you trust it. If you will run this skill in an environment with sensitive internal services, avoid using the push feature or restrict it to localhost.
3) Run npm install only from a trusted environment and run npm audit on dependencies (only 'ws' is declared).
4) If you plan to let the agent invoke the skill autonomously, be aware the skill can read user-specified files (input paths) — ensure you don't pass sensitive files as input.
5) If you want higher assurance, request the upstream repository/source (homepage is missing) or ask the author for a signed release; otherwise treat this as unverified community code.
If anything in SKILL.md looks obfuscated or contains hidden characters, do not install until the artifact is cleaned or verified.
Like a lobster shell, security has layers — review code before you run it.
Tags: decomposition, latest, mermaid, patterns, planning, productivity, project-management, roadmap, wbs
Runtime requirements
Bins: node
