Prophet
v2.0.2Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Prophet concepts, best practices, and implementation patterns.
⭐ 0· 115·0 current·0 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (Prophet reference for devtools) match the provided files: SKILL.md and scripts/script.sh both contain static reference material and CLI stubs. There are no unexpected environment variables, binaries, or external services required.
Instruction Scope
SKILL.md explicitly states commands output plain-text via heredoc and no external API calls; the included script only prints static documentation, accepts a command name, and does not read arbitrary files, environment variables, or network resources. (Minor content note: some example text in quickstart generically mentions 'access credentials' as part of prerequisites, but that is descriptive documentation and not an instruction to read or use credentials.)
Install Mechanism
There is no install specification (instruction-only style) and no downloads or extracts. The only code file is a local shell script; nothing in the package attempts to install external software or fetch remote code.
Credentials
The skill declares no required environment variables, no primary credential, and no config paths. The runtime script likewise does not access environment variables or secrets. Requested access is proportional to the stated purpose.
Persistence & Privilege
always is false and the skill does not request persistent system presence or modify other skills/config. It can be invoked autonomously by the agent (platform default) but it does not require elevated privileges.
Assessment
This skill appears to be a harmless, self-contained reference CLI that prints static documentation. Before installing or running: (1) Inspect the included scripts (already reviewed here) to confirm no unexpected commands; (2) note a minor metadata mismatch: the package metadata lists version 2.0.2 while the script sets VERSION="2.0.1" (harmless but worth aligning); (3) no credentials or network access are required—do not supply API keys or secrets to this skill. If you want extra assurance, run the script in a sandbox or read the repository at the provided source URL to confirm future versions remain simple and local-only.Like a lobster shell, security has layers — review code before you run it.
latestvk975pwchc02p3vwscqp1tpfjeh83gj20
License
MIT-0
Free to use, modify, and redistribute. No attribution required.