ClawHub

Nm Cartograph Dependency Graph

v1.0.0

Generate dependency graphs showing import relationships between modules or plugins

0· 54·1 current·1 all-time
by@athola
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (dependency graph) match the instructions: explore a codebase, extract imports, generate Mermaid syntax, and render via a Mermaid renderer. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
Instructions call a codebase-explorer agent to 'Explore [scope]' and to track internal/external imports — this necessarily requires reading repository files within the provided scope (expected). The SKILL.md does not instruct reading unrelated system files or credentials. Caution: the explorer will access all files in the given scope and could surface secrets present in the repo if they exist.
Install Mechanism
Instruction-only skill with no install spec and no code files, so nothing is written to disk or downloaded during install — minimal install risk.
Credentials
No environment variables, credentials, or config paths are required. Requested resources are proportionate to the stated purpose.
Persistence & Privilege
always:false and default model invocation are used. The skill can be invoked autonomously (platform default) but it does not request elevated or persistent privileges.
Assessment
This skill appears coherent and low-risk: it only needs access to the code you tell it to analyze and does not request credentials or install software. Before running, limit the 'scope' you pass to the codebase-explorer to the repository paths you want analyzed (avoid giving it a workspace that contains secrets or unrelated projects). Confirm the Mermaid renderer (MCP) is a trusted/rendering endpoint in your environment if you care about remote rendering. If you prefer extra safety, run the analysis on a sanitized copy of the repo or a sample project first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ck9wjrpcf68ytc4nf443g9n84m6xc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🦞 Clawdis

Comments