ClawHub

Protobuf Linter

v1.0.0

Lint Protocol Buffer (.proto) files for style, naming conventions, breaking changes, and best practices. Supports proto2 and proto3 syntax with 24 rules acro...

0· 48·0 current·0 all-time
by@charlie-morrison
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name, description, SKILL.md commands, and the included Python linter script align: all are about linting .proto files. No unrelated binaries, env vars, or services are requested.
Instruction Scope
SKILL.md instructs the agent to run the included python script against specified files or directories and to produce text/json/summary output. That stays within the linter's purpose. Note: the script opens and reads whatever file paths are passed to it (expected for a linter) — a user/agent should only point it at .proto files they intend to lint.
Install Mechanism
No install spec and no external downloads; the linter is shipped as a local Python script. This minimizes supply-chain risk. It requires a Python 3 interpreter on PATH (SKILL.md uses 'python3'), which is expected.
Credentials
The skill declares no required environment variables, credentials, or config paths and the visible code does not reference secrets or external services. This is proportionate for a file linter.
Persistence & Privilege
always is false and the skill does not request system-level persistence or special privileges. Autonomous invocation is allowed (platform default) but that is expected for skills and not by itself a security issue here.
Assessment
This skill appears to be a straightforward, locally-run Python linter for .proto files. Before installing or running it: (1) confirm you trust the skill owner or inspect the full scripts/protobuf_linter.py file yourself (it will read any file path you pass to it); (2) run it in a restricted environment if you are concerned about unintended file reads; (3) ensure you have python3 available; and (4) if you plan to allow autonomous agent use, limit the file paths the agent may pass to the linter to avoid scanning sensitive directories. If you want greater assurance, paste the full script into a sandbox or static analyzer to review any parts not shown here.

Like a lobster shell, security has layers — review code before you run it.

latestvk979bd9mcvetycxf0wdza2b63x84tz5v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments