ClawHub

Htaccess Toolkit

v1.0.0

Generate, validate, lint, and explain Apache .htaccess files. Use when asked to create htaccess rules, redirect URLs, set security headers, enable caching, c...

0· 55·0 current·0 all-time
by@charlie-morrison
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (htaccess generation, linting, explanation) align with the included SKILL.md and the Python script. The script implements generators, lint rules, explain/presets functionality and does not request unrelated resources (no cloud keys or unrelated binaries).
Instruction Scope
Runtime instructions are limited to invoking the included Python script (generate, lint, explain, presets) and operating on .htaccess paths or writing an output file. They do not instruct the agent to read unrelated system files or transmit data externally.
Install Mechanism
No install spec is present (instruction-only + included script). The code is pure Python stdlib and will run locally; nothing is downloaded or executed from external URLs.
Credentials
The skill declares no environment variables, no credentials, and no config paths. The script does not appear to access secrets or unrelated env vars; its generated .htaccess content includes SetEnvIf which only affects Apache behavior when deployed, not the host environment.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. It does not request persistent system-wide privileges or modify other skills' configurations.
Assessment
This skill appears to do what it claims, but take normal precautions before running: (1) Inspect the included scripts yourself (they are pure Python and bundled). (2) Back up any existing .htaccess before writing or using the --output option to avoid accidental lockout. (3) Test generated rules on a staging environment (HSTS, 'Require all denied', CORS permissive rules, and redirects can break site access). (4) The tool writes the file path you supply without sanitizing the name—avoid running it as a privileged user and avoid pointing output at system paths. (5) If you will use it in automation/CI, review the linter rules and strict exit behavior. If you want extra assurance, run it in a sandboxed environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk974e2hh36nxj2emdtbfe4gytx84s0nq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments