Auto Glossary
v1.0.0Automatically add technical jargon to the user's tech glossary GitHub repository when encountered during coding sessions. Use when technical terms, coding co...
⭐ 0· 18·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The skill's name/description (auto-add terms to the user's tech-glossary repo) aligns with the runtime instructions (read glossary.md, write new entries, git add/commit/push). However, it assumes the environment already has git/remote authentication configured (SSH key or credential helper) but does not declare or request any credentials or configuration guidance for pushing to GitHub. That's plausible but under-specified.
Instruction Scope
The SKILL.md explicitly instructs reading and editing project/tech-glossary/glossary.md and committing changes — which is in-scope. But it also says to 'use real code from the current project when possible' and to 'watch for unfamiliar terminology during coding sessions', both of which are vague and could lead the agent to scan arbitrary project files, error logs, or conversation context. The commit/push step is automatic in the workflow described; there is no built-in manual approval step or PR-based workflow described.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is low-risk from an install/execution standpoint because nothing is downloaded or written at install time.
Credentials
No environment variables, tokens, or external endpoints are requested — the skill does not demand unrelated secrets. That said, its push behavior requires network/git authentication; the skill does not declare whether it will rely on SSH keys, stored credentials, or ask the user for a token. Expect the agent to use whatever git credentials/config are available in the environment.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide configuration changes. It writes and commits to files within the project workspace (expected for its function). It does not attempt to modify other skills or global agent settings.
Assessment
This skill will read and modify files in your project (project/tech-glossary/glossary.md), create commits, and push them to the configured remote. Before installing or enabling it: 1) Confirm you are comfortable with an agent making automatic commits and pushes (consider preferring a PR workflow or requiring manual approval). 2) Ensure your repository is backed up or the glossary file is under review control (you can inspect commits with git log). 3) Verify how your environment handles git authentication (SSH keys, credential helpers, or tokens) since the skill does not request credentials explicitly. 4) If you want to limit scope, request the author add a dry-run mode, an explicit confirmation step before committing, or a setting to open PRs instead of pushing directly. 5) If you are uncertain, test in a throwaway repository or branch first. These steps will reduce the risk of unintended edits or accidental exposure of repository content.Like a lobster shell, security has layers — review code before you run it.
latestvk97ds4hb2njj4nasw2jhqmdh0x84f2tt
License
MIT-0
Free to use, modify, and redistribute. No attribution required.