ClawHub

code-with-claude

v1.0.0

Comprehensive Claude Code CLI reference covering interactive mode, CLI flags, commands, environment variables, hooks, channels, checkpointing, plugins, and t...

0· 78·0 current·0 all-time
bySagar Awale@awalesagar
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill is a CLI/reference guide for Claude Code and the included files (CLI flags, hooks, plugins, channels, tools, env vars, etc.) match the name and description. It does not request unrelated credentials, binaries, or config paths.
Instruction Scope
The SKILL.md and referenced documents are purely documentation and do not instruct the agent to read arbitrary user files or exfiltrate data. However the references contain runnable examples (e.g., spawning an MCP server, hook command examples, and hook HTTP POSTs) and descriptions of powerful features (Bash tool, hooks that run shell commands, bypass permission modes). Those examples are expected in a CLI reference but could lead to risky actions if followed by a user or an agent without review.
Install Mechanism
No install specification and no code files to execute — instruction-only skill. Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill declares no required environment variables or credentials. The documentation lists many environment variables (e.g., ANTHROPIC_API_KEY, CLAUDE_CODE_OAUTH_TOKEN, CLAUDE_ENV_FILE) as part of product configuration; this is expected for a reference but users should not supply secrets to untrusted plugins or follow examples that persist tokens without review.
Persistence & Privilege
always:false and user-invocable:true. The skill does not request permanent presence or elevated privileges and does not modify other skills or system-wide settings.
Assessment
This skill is documentation-only and appears coherent for its stated purpose. It does, however, document and include examples that can execute shell commands, start local servers, forward webhooks, or configure hooks that POST to HTTP endpoints. Before following any examples: (1) review any shell/HTTP commands and understand what they do; (2) do not paste secrets (API keys, OAuth tokens) into examples from untrusted sources; (3) be cautious enabling hooks or channels that open network listeners or relay permissions; and (4) treat provided example code as a template to review and harden rather than as safe-to-run copy/paste.

Like a lobster shell, security has layers — review code before you run it.

latestvk975pnybmzhtzggavvfzz3vqgh84jjcp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments