ClawHub

Devops Bash Tools

v2.0.4

Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Devops Bash Tools concepts, best practices, and implementation pa...

0· 192·0 current·0 all-time
bybytesagain4@xueyetianya
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description promise a local DevOps bash-tools reference; the included script implements that by printing documentation texts. There are minor inconsistencies (metadata versions differ: registry v2.0.4, SKILL.md v2.0.3, script VERSION=2.0.2) and the cheatsheet lists a 'troubleshooting' command that isn't implemented, but these look like small documentation/versioning oversights rather than design mismatches.
Instruction Scope
SKILL.md explicitly states no external API calls, no credentials, and outputs via heredoc. The runtime script only emits local heredoc content and has no network calls, file reads/writes beyond stdout, or attempts to access environment variables. Instructions and implementation stay within the described scope.
Install Mechanism
There is no install spec (instruction-only). A single script file is bundled but nothing is downloaded or extracted at install time, so the install surface is minimal and low-risk.
Credentials
The skill declares no required environment variables, credentials, or config paths, and the script does not read env vars (aside from a minor non-expanding $VERSION in a quoted heredoc). There is no disproportionate credential access.
Persistence & Privilege
always is false and the skill does not request persistent system presence or modify agent/system configuration. It is user-invocable only and does not elevate privileges.
Assessment
This skill appears to be a simple, local reference implemented as a bash script and is coherent with its description. Before installing, you can: (1) review the script yourself (it’s short and readable) to confirm there are no network calls or secret accesses, (2) run it locally in a safe environment to inspect output, and (3) be aware of minor doc/version mismatches (they are likely harmless). If you require strict provenance, verify the GitHub repo and author (BytesAgain) before trusting or automating this skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk979acckcw7dvjnaanztxgfw2h83hrks

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments