ClawHub

Windows Setup

v2.0.3

Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Windows Setup concepts, best practices, and implementation patterns.

0· 125·0 current·0 all-time
by@bytesagain3
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Windows Setup reference) match the included assets: SKILL.md lists reference commands and the script implements those commands and prints static docs. Nothing in the files requests unrelated resources or credentials.
Instruction Scope
SKILL.md instructs the agent to output plain-text reference documentation and explicitly states no external calls; the included scripts only print static heredocs. There are no instructions to read system files, environment secrets, or send data externally.
Install Mechanism
No install spec is present and no external downloads/installers are referenced. The only executable is a small static bash script included in the package, which is low-risk.
Credentials
The skill declares no required environment variables, credentials, or config paths and neither SKILL.md nor the script access any environment variables or secrets. Credential/secret request footprint is empty and proportional to the purpose.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system settings. It is user-invocable and can be invoked autonomously by the agent by default (platform normal), which is reasonable for a reference tool.
Assessment
This skill appears low-risk and does what it says: print local reference documentation. Small issues to note before installing: SKILL.md claims version 2.0.3 while the bundled script sets VERSION="2.0.2" (a minor metadata mismatch) and the script's help heredoc is quoted so the $VERSION variable will not expand (you'll see the literal $VERSION in the help text). If you want to be extra cautious, review the repository yourself and confirm there are no other hidden files; otherwise it's safe to use. Remember that allowing autonomous invocation is normal but gives the agent the ability to call the skill without a manual trigger — that is expected but consider whether you want the agent to invoke skills automatically.

Like a lobster shell, security has layers — review code before you run it.

latestvk97a9870955n70y86rtkbcyvc183gn0p

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments