Container Analyzer

v2.0.3

Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Container Analyzer concepts, best practices, and implementation p...

⭐ 0· 119·0 current·0 all-time

by@bytesagain1

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

The name/description (reference tool for Container Analyzer) matches the included assets: SKILL.md provides commands and the script prints static help/reference text. No environment variables, binaries, or installs are requested that would be unrelated to a documentation/reference tool. Minor inconsistency: SKILL.md header/version (2.0.2) and registry metadata (2.0.3) differ from the script's VERSION (2.0.1), but this appears to be a release/version bookkeeping issue rather than malicious behavior.

ℹ

Instruction Scope

Runtime instructions are limited to emitting heredoc text for commands (intro, quickstart, patterns, etc.). The script does not read files, env vars, or network. One small content inconsistency: the quickstart text mentions 'Required tools and access credentials' while the SKILL.md explicitly says 'No API keys or credentials required' — this is a documentation mismatch, not evidence of hidden credential access.

✓

Install Mechanism

There is no install specification and no downloads; the skill is instruction-only with a bundled shell script. No external packages or URLs are fetched and the included script is plain text that prints documentation.

✓

Credentials

The skill declares no required environment variables, credentials, or config paths and the code does not access any. The quickstart wording mentions credentials in a generic way, but the implementation does not request or use them.

✓

Persistence & Privilege

always is false and the skill does not request persistent privileges or modify other skills or system settings. Autonomous invocation is allowed (platform default) but, given the harmless scope, this does not increase risk materially.

Assessment

This skill appears to only print static reference documentation and does not contact the network or request credentials. Before installing: (1) inspect the included script (scripts/script.sh) yourself — it’s short and readable; (2) note the minor version/documentation mismatches (non-security issues); (3) if you run the script, do so locally or in a sandbox if you prefer extra caution; and (4) if you expect an interactive tool or networked behavior, verify with the author because this skill is purely a local docs printer.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ah1b9czzya3y775q8xsf10183g8ms

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Container Analyzer

License

Comments