Dice
Roll various dice, view statistics, probabilities, and manage game presets using command-line tools.
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 28 · 0 current installs · 0 all-time installs
MIT-0
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The declared purpose is a dice roller/utility, which matches the script's general behavior, but the SKILL.md commands (e.g., 'dice run', 'dice add') do not match the actual script commands (roll, score, rank, etc.). SKILL.md also claims DICE_DIR env var can change the data directory, but the script hardcodes DATA_DIR to ${HOME}/.local/share/dice. Version in SKILL.md header (1.0.0) differs from the script's v2.0.0 and registry metadata v2.0.0. These inconsistencies suggest sloppy or out-of-date packaging and may lead to unexpected behavior.
Instruction Scope
SKILL.md instructs use of commands that aren't implemented in the script (e.g., 'dice run'), and documents an environment variable (DICE_DIR) that the script doesn't read. The script itself logs every user-provided input into multiple log files under ~/.local/share/dice and exposes search/export features; while expected for this kind of tool, storing arbitrary inputs means secrets or sensitive text pasted into commands would be persisted locally.
Install Mechanism
No install spec is provided (instruction-only), but a code file is included. Because there is no automated install, nothing is downloaded or executed automatically during install, lowering supply-chain risk. However, the presence of an executable script with no install guidance means integrators might execute it manually without clarity about where it writes files.
Credentials
The skill requests no credentials or special environment variables. SKILL.md suggests configuring DICE_DIR via env var, but the script ignores it and uses $HOME for storage. This mismatch is a functionality issue rather than an excessive privilege request, but it can surprise users who expect data to be stored elsewhere.
Persistence & Privilege
The skill does not request 'always: true', does not modify other skills' configuration, and only writes files into a subdirectory of the user's home. It will create and append logs in ~/.local/share/dice, which is local persistence but not an elevated system-wide privilege.
What to consider before installing
Do not install or run this skill system-wide until the author clarifies and fixes the mismatches. Specific things to check or request from the publisher:
- Confirm which CLI commands the tool implements and update SKILL.md to match (or vice versa).
- Make the data directory configurable (script should honor DICE_DIR or document that it does not).
- Be aware the script appends every user input to log files in ~/.local/share/dice; avoid entering secrets or sensitive text into the tool or move the data dir to a safe location first.
- Ask for a homepage/source repository and a signed release or checksum so you can verify integrity; the skill currently lists an unknown source and no homepage.
- If you still want to test it, run the script in an isolated environment (container or VM) and inspect files created under ~/.local/share/dice before giving it more trust.Like a lobster shell, security has layers — review code before you run it.
Current versionv2.0.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Dice
Dice roller — roll any dice, statistics, probability, and game presets.
Commands
| Command | Description |
|---|---|
dice help | Show usage info |
dice run | Run main task |
dice status | Check state |
dice list | List items |
dice add <item> | Add item |
dice export <fmt> | Export data |
Usage
dice help
dice run
dice status
Examples
dice help
dice run
dice export json
Output
Results go to stdout. Save with dice run > output.txt.
Configuration
Set DICE_DIR to change data directory. Default: ~/.local/share/dice/
Powered by BytesAgain | bytesagain.com Feedback & Feature Requests: https://bytesagain.com/feedback
Files
2 totalSelect a file
Select a file to preview.
Comments
Loading comments…