ClawHub

Nm Hookify Rule Catalog

v1.0.0

Browse the rule catalog and guide installation

0· 54·1 current·1 all-time
by@athola
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the observed behavior: the SKILL.md lists rules and gives installation guidance. The skill does not request unrelated credentials or binaries.
Instruction Scope
Instructions tell the agent to read rules from skills/rule-catalog/rules/... and to write rule files into .claude/*.local.md and to run python3 plugins/hookify/scripts/install_rule.py. Those file paths and scripts are expected but are not included in the skill bundle — the skill is effectively a pointer to an external repo. The actions (reading/writing local files, running a local Python script) are appropriate for a rule installer, but you should confirm the referenced files/scripts exist and inspect them before executing.
Install Mechanism
There is no install spec (instruction-only), which minimizes direct install risk. However, the SKILL.md references a Python installer script that is not bundled here; if you later run that script from a repository or download it remotely, you should review it first.
Credentials
The skill declares no required env vars, credentials, or privileged config paths. The requested filesystem writes are limited to project/.claude rule files and are proportionate to installing rule templates.
Persistence & Privilege
always:false and normal autonomous invocation are set. The only persistent effect described is writing rule files into .claude; the skill does not request system-wide configuration changes or access to other skills' credentials.
Scan Findings in Context
[no-regex-findings] expected: The scanner found no code files to analyze because this is an instruction-only skill (only SKILL.md is present). The SKILL.md references scripts and rule files that are not bundled; this is expected for a catalog that points at an external repository but means you must verify external files yourself.
Assessment
This skill is essentially documentation and an installer guide — it does not include the rule files or the Python installer it references. Before running any install commands: (1) confirm you have the referenced repository or installer script (plugins/hookify/scripts/install_rule.py) locally, or obtain it from the official upstream URL; (2) inspect any installer script and rule files for unexpected behavior before executing; (3) back up your .claude/ directory or working tree (git status is suggested) so changes can be reverted; (4) avoid running downloaded scripts blindly — prefer manual copy or review-first workflows; and (5) if the agent offers to fetch code from the network on your behalf, ask for the exact source URL and inspect it first.

Like a lobster shell, security has layers — review code before you run it.

latestvk973d61c4rxgbjh0ynjb5akg8984pd7j

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🦞 Clawdis

Comments