ClawHub

Js Compiler

v2.0.2

Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for JS Compiler concepts, best practices, and implementation patterns.

0· 115·0 current·0 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (
Instruction Scope
SKILL.md states all commands output plain-text via heredoc with no external calls; the shell script implements only heredoc outputs and contains no network calls, no file reads/writes beyond stdout, and no access to environment variables or secrets. Small implementation bugs: help heredoc is single-quoted and contains the literal "$VERSION" rather than expanding it, and the script uses "shift 2" unconditionally which could drop arguments unexpectedly. These are functional issues, not scope creep.
Install Mechanism
No install spec; skill is instruction-only plus a simple script. No downloads, no package installs, and nothing is written to disk by an installer step — low-risk.
Credentials
No required environment variables, no credentials, and the script does not read env vars or config paths. The declared requirements (none) are proportionate to the stated purpose.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify other agent/system configs. Normal user-invocable/autonomous invocation settings are present but not combined with other privileges.
Assessment
This skill is essentially a local help/reference script and appears safe to install from a capability/privilege standpoint. Before using, you may want to: 1) review/correct minor bugs (version string mismatch, help shows literal $VERSION, cheatsheet references a non-existent "troubleshooting" command, and the unconditional "shift 2" may drop arguments) if you plan to run it with arguments; 2) run the script locally in a safe environment to verify behavior (e.g., ./scripts/script.sh help); and 3) confirm you obtained the skill from a trusted source. There is no network access or secret usage in the code, so no credential exposure is evident.

Like a lobster shell, security has layers — review code before you run it.

latestvk974b6qjm9scxsbxxc4r1wckds83htrh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments