ClawHub

Shadow

v1.0.0

Generate and preview CSS shadow effects using CLI tools. Use when you need box-shadow, text-shadow, drop-shadow, layered shadows, presets, animations,

0· 95·0 current·0 all-time
by@bytesagain1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included files and behavior: the bundle contains a Bash launcher and a Python core that generate CSS shadow values, presets, previews, exports, and persist records. No unrelated dependencies or credentials are requested.
Instruction Scope
SKILL.md instructs the agent to run scripts/script.sh and documents the CLI surface. The script only reads/writes its own data file (~/.shadow/data.jsonl), builds CSS strings, and writes preview/export files — no reading of unrelated system files or environment variables was observed.
Install Mechanism
No install spec is present (instruction-only with an included script). The code is included in the package; there are no downloads or extract-from-remote steps that would introduce extra risk.
Credentials
The skill requires no environment variables or external credentials. It persists user data under ~/.shadow which is reasonable for a CLI tool of this type.
Persistence & Privilege
The tool persistently stores records at ~/.shadow/data.jsonl and creates that directory. This is expected behavior for a presets tool but is persistent state in the user's home directory and should be noted by the user.
Assessment
This skill appears to do exactly what it says: a local CLI/Python tool that generates and saves CSS shadow presets in ~/.shadow. Before installing or running, review the included scripts/script.sh (already provided) if you don't fully trust the source, and back up or inspect any existing ~/.shadow/data.jsonl because the tool will create/overwrite entries there when saving. Generated preview HTML files should be opened cautiously (they are local files). If you need stronger isolation, run the script in a sandbox/container or inspect the full script output on a test system first.

Like a lobster shell, security has layers — review code before you run it.

latestvk978s52bzmwfnr7grcy2s0fqkd8364xr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments