ClawHub

Claude Code Setup

v1.0.1

Setup production-grade .claude/ AI collaboration layer for projects. Use when an agent starts using Claude Code for development, enters a new project directo...

0· 345·2 current·2 all-time
byEave Luo@eaveluo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the actual behavior: SKILL.md and index.js both set up a .claude/ directory and populate it with template files. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Runtime instructions tell the agent to check for .claude/ and, if missing, run the bundled index.js to create templates. That is appropriate for the purpose, but the instructions and script will write files into the current working directory — the SKILL.md warns about choosing the correct project directory. Confirm you run it in the intended project to avoid accidental writes.
Install Mechanism
No install spec or remote downloads. The skill is instruction-only for install but includes a local index.js script (no obfuscated code or external fetch). This is low-risk compared with network installs.
Credentials
The skill requests no environment variables or credentials and only accesses the working directory and .claude/ path; access is proportional to its stated function.
Persistence & Privilege
always:false and default autonomous invocation are set. The skill does write files to the project but does not request persistent elevated privileges or modify other skills or system-wide settings.
Assessment
This skill appears to do what it says: create a .claude/ directory and populate it with templates. Before running it: (1) ensure your shell's current working directory is the exact project directory you intend — running it in the wrong folder will create .claude/ there; (2) inspect index.js if you want to verify templates or behavior (it is included and easy to read); (3) you can run it without --force to avoid overwriting existing files (the script checks and skips existing files); (4) there are no network calls or credential requests, but treat any file-write operation carefully in sensitive repositories (consider running in a disposable test repo first).

Like a lobster shell, security has layers — review code before you run it.

latestvk972ntrtxqt93ybektary49ch9821tez

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments