ClawHub

can-dbc-matrix

v1.0.0

Automation skill for can-dbc-matrix.

0· 51·0 current·0 all-time
byfrankie@frankie-zeng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description and the SKILL.md align: the skill documents how to parse and analyze JSON exported by canmatrix. One minor note: the docs show using the canmatrix CLI (pip install canmatrix / canconvert) but the skill metadata does not declare any required binaries or an install step; this is plausible for an instruction-only skill but means the agent/user must provide canmatrix if conversion is needed.
Instruction Scope
All runtime instructions are limited to loading a user-supplied canmatrix JSON file, parsing messages/signals, decoding frames, and summarizing data. The instructions do not direct the agent to read unrelated system files, access credentials, or transmit data to external endpoints.
Install Mechanism
There is no install spec and no code files. This is lowest-risk (instruction-only). The SKILL.md suggests installing canmatrix via pip only as a user step; no automatic downloads or archive extraction are defined by the skill itself.
Credentials
The skill declares no environment variables, credentials, or config paths. The documented operations (JSON parsing, numeric conversion, summary generation) do not require secrets, so the lack of requested env/creds is proportionate.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent system privileges. It does not modify other skills or system-wide agent settings. Autonomous invocation is allowed (the platform default) but is not combined with any other high-risk behavior here.
Assessment
This skill is an instruction guide for working with canmatrix-exported JSON and appears internally consistent. Before installing or using it: (1) be aware that converting .dbc to JSON requires the canmatrix package (pip install canmatrix) — installing packages downloads code from the Python ecosystem, so only do that if you trust the source; (2) the skill operates on user-provided JSON files, so do not feed it sensitive files you don't want parsed or logged; (3) because it's instruction-only, the skill itself will not auto-install tooling — if you allow an agent to run system commands, ensure you trust which commands it will run. If you want the skill to perform conversions automatically, ask the maintainer to declare required binaries or provide an explicit, auditable install step.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dj16qgagdhjq26he3t4v04x84rhct

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments