ClawHub

Envcheck

v2.0.4

Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Envcheck concepts, best practices, and implementation patterns.

0· 124·0 current·0 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the delivered artifacts: SKILL.md is a reference guide and scripts/script.sh implements the same set of commands and emits static documentation. No unrelated credentials, binaries, or install steps are requested.
Instruction Scope
SKILL.md states all commands output plain-text via heredoc and no network calls; the shell script implements only heredoc outputs and CLI dispatch. Minor inconsistency: SKILL.md lists version 2.0.3, registry metadata is 2.0.4, and the script VERSION is 2.0.2. The docs mention external debugging tools (tcpdump, wireshark) only as recommendations; the skill does not invoke them.
Install Mechanism
No install spec and no downloads — the skill is instruction-only with a small script file. This is low-risk: nothing is written to disk by an installer and no external packages are fetched.
Credentials
The skill declares no required environment variables, credentials, or config paths, and the runtime script does not read environment secrets or config files. Proportional to its documentation-only purpose.
Persistence & Privilege
always is false and model invocation is normal (user-invocable/autonomous allowed). The skill does not request or modify persistent agent/system configuration or other skills' settings.
Assessment
This skill appears to be a simple, local reference tool implemented as a shell script that prints documentation — low risk. Before installing, you can: (1) validate the version mismatch between registry (2.0.4), SKILL.md (2.0.3), and script (2.0.2); (2) quickly review the script (it's short and readable) or run it in a sandbox to confirm behavior; (3) be aware the docs recommend external debugging tools (tcpdump/wireshark) but the skill does not invoke them. If you need absolute assurance, check the upstream GitHub repo history and author contact info on bytesagain.com.

Like a lobster shell, security has layers — review code before you run it.

latestvk975t8synth9z4014xss2n72gs83h5c8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments