ClawHub

Genai Toolbox

v2.0.1

Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Genai Toolbox concepts, best practices, and implementation patterns.

0· 98·0 current·0 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (reference devtools/genai toolbox docs) match the included assets. The only shipped code is a small shell script that prints reference text—this aligns with a lookup/cheatsheet tool. Minor discrepancy: registry metadata/version is 2.0.1 while the script sets VERSION="2.0.0" (likely a packaging/versioning oversight, not a security issue).
Instruction Scope
SKILL.md explicitly states 'No external API calls, no credentials needed, no network access' and the script's commands are all heredoc static text outputs. The script does not read environment variables or filesystem paths beyond normal execution. Note: the help heredoc is single-quoted and contains $VERSION, so the displayed help will literally show '$VERSION' rather than the actual version—this is a functionality bug but not a security concern.
Install Mechanism
No install specification (instruction-only) and the only code present is a small bash script. No downloads or archive extraction are performed. This is low-risk from an install mechanism perspective.
Credentials
The skill declares no required environment variables, no credentials, and the script doesn't access or require secrets. Requested privileges are proportional to a local documentation tool.
Persistence & Privilege
always:false (not forced into every agent session) and default model invocation permitted. The skill does not attempt to modify other skills, write persistent config, or gain elevated system presence.
Assessment
This skill appears to be a simple local reference tool and is coherent with its description. If you plan to install/use it: 1) review or run the script in a safe environment to confirm behavior (it only prints static docs), 2) note the minor version/help-output bug (help may show '$VERSION'), and 3) confirm you install it from the cited repository/homepage if you require provenance. No credentials or network access are required, and there are no other red flags.

Like a lobster shell, security has layers — review code before you run it.

latestvk979e7ak3mwevhn00n3671332983hhq5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments