ClawHub

Makefile & Build

v1.0.0

Write Makefiles for any project type. Use when setting up build automation, defining multi-target builds, managing dependencies between tasks, creating project task runners, or using Make for non-C projects (Go, Python, Docker, Node.js). Also covers Just and Task as modern alternatives.

3· 1.6k·2 current·2 all-time
by@gitgoodordietrying
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Makefiles, Just, Task) aligns with the declared runtime requirements (any of make, just, task). No unrelated binaries or credentials are requested.
Instruction Scope
SKILL.md contains concrete Makefile examples and language-specific recipes (Go, Python, Node, Docker). The instructions only reference build-related files and common tools (git, docker, go, pip, npm, rm, find) that are expected for build automation; it does not instruct reading unrelated system files or exfiltrating data.
Install Mechanism
There is no install specification — the skill is instruction-only and writes nothing to disk during install. This is the lowest-risk installation model.
Credentials
The skill requests no environment variables or credentials. The sample Makefiles reference typical build env vars (GOOS/GOARCH, VENV path, REGISTRY) in context but do not require providing secrets via the skill metadata.
Persistence & Privilege
always is false and model invocation is not disabled; this is normal for a user-invocable skill. The skill does not request persistent system-level configuration or modify other skills.
Assessment
This skill looks coherent and only provides Makefile/Just/Task examples. Before you use it or let an agent run generated Makefiles: (1) review the generated Makefile (or any recipe) before executing — Makefiles can contain arbitrary shell commands (rm -rf, docker push, network calls, etc.); (2) ensure your build tools (make/just/task, docker, go, python, npm) are present and that you trust the environment the agent will run in; (3) do not provide secrets or CI credentials to the skill — if you plan to automate making/pushing images or publishing artifacts, use secure CI secrets and review any push/publish commands the skill adds.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f85yd14ree2qgtnzjkj5c0n80e9xc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔨 Clawdis
OSLinux · macOS · Windows
Any binmake, just, task

Comments