Senior Architect
v2.1.1This skill should be used when the user asks to "design system architecture", "evaluate microservices vs monolith", "create architecture diagrams", "analyze...
⭐ 13· 5.5k·41 current·43 all-time
byAlireza Rezvani@alirezarezvani
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description, SKILL.md, and included scripts align: the scripts scan a project directory, analyze dependencies, and generate diagrams and architecture reports — all expected for an 'architect' tool. One minor mismatch: the SKILL.md and examples call out running 'python' but the skill metadata lists no required binaries.
Instruction Scope
Runtime instructions direct the agent to run the included Python scripts against a project directory and produce reports/diagrams. The scripts read files within the provided project path (package manifests, source files) which is appropriate for the stated purpose and do not, in the reviewed code, access unrelated system paths or environment secrets.
Install Mechanism
There is no install spec (instruction-only), which limits unexpected installs. The package includes Python scripts that expect a Python runtime and may require typical Python deps; the registry metadata did not declare any required binaries or install steps — recommend documenting Python as a required binary or providing a requirements list.
Credentials
The skill declares no required environment variables, credentials, or config paths. The reviewed scripts parse project files (package.json, requirements.txt, go.mod, etc.) which is proportional to the tool's function.
Persistence & Privilege
Skill flags are default (not always:true); it does not request persistent privileges or modify other skills. Scripts operate on user-specified project directories and do not appear to alter agent configuration.
Assessment
This skill appears coherent for generating diagrams and analyzing a codebase. Before installing or running it: 1) Review the remaining/truncated script files for any network calls, subprocess execution, or attempts to read files outside the supplied project path. 2) Run the scripts in an isolated environment (container or VM) and avoid pointing them at sensitive system directories (home, /etc, cloud SDK config). 3) Note the SKILL.md examples use 'python' — ensure a suitable Python runtime and inspect whether the scripts require any third-party Python packages; consider running pip in a virtualenv. 4) If you need higher assurance, ask the publisher for a dependency list and a short threat-model statement explaining whether the scripts make outbound network requests or execute shell commands.Like a lobster shell, security has layers — review code before you run it.
engineeringvk97a9qes9hwvvyeax3998wp0pd8063ftlatestvk97cp5knj1qg004a9edz8vktan82jnz3software architectvk97a9qes9hwvvyeax3998wp0pd8063ft
License
MIT-0
Free to use, modify, and redistribute. No attribution required.