ClawHub

Software Architect

v1.0.0

Design high-level software architecture and system structure. Use this skill when the user mentions: architecture, system design, tech stack, draw the struct...

0· 57·0 current·0 all-time
byEmerson Braun@emersonbraun
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchasesRequires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description (software architecture/system design) match the content: stepwise design process, C4 diagrams, ADR templates, tech stack guidance and patterns. The skill declares no binaries, env vars, or installs — which is appropriate for an advisory/design skill.
Instruction Scope
SKILL.md contains only architecture guidance and templates to produce design artifacts. It references the bundled 'references/architecture-patterns.md' for patterns and checklists. There are no instructions to read system files, access credentials, call external endpoints, or perform actions outside producing design text.
Install Mechanism
No install spec and no code files — the skill is instruction-only. This minimizes risk because nothing is written to disk or executed as part of installation.
Credentials
The skill requests no environment variables, credentials, or config paths. All guidance is generic; there are no disproportionate secret or environment access requests.
Persistence & Privilege
always is false and the skill does not request persistent/system-wide changes. It contains no code that modifies other skills or agent settings. Autonomous invocation is allowed by default on the platform, but that is normal and not specifically risky here because the skill has no side-effecting instructions.
Assessment
This skill appears to be a straightforward architecture advisor and is coherent with its stated purpose. Because it's instruction-only, it doesn't request credentials or install software, so risk is low. Two practical cautions: (1) provenance is limited — the source/homepage are unknown, so don't treat it as an authoritative or audited standard; cross-check critical security or compliance decisions with official guidance or a trusted expert. (2) As with any automated assistant output, review generated ADRs, diagrams, and tech choices before applying them to production. If you need stronger guarantees, prefer skills or tools published by known organizations or with verifiable sources and reviews.

Like a lobster shell, security has layers — review code before you run it.

latestvk97awxac1ja67q46s42ssh33n184d2th

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments