ClawHub

JSON Formatter

v1.0.0

Format, validate, compress JSON data, and extract JSON paths for improved readability and structure verification.

0· 852·9 current·10 all-time
by@honestqiao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The skill name and description (format/validate/compress/extract paths) match an instruction-only JSON formatter. It appropriately requires no binaries, env vars, or installs. However, the implementation snippet only implements formatting, validation, and size — it does not implement compression/minification options or JSON path extraction despite those being advertised.
!
Instruction Scope
SKILL.md declares outputs including 'paths' and lists compression as a feature. The skill.yaml's JavaScript implementation returns {formatted, valid, size} (and error on parse failure) and does not produce 'paths' nor a dedicated 'compressed' output. This mismatch may cause the agent to promise outputs it cannot produce.
Install Mechanism
Instruction-only skill with no install spec and no code files beyond short manifest; nothing is written to disk or downloaded. This is low-risk from an install perspective.
Credentials
No environment variables, credentials, or config paths are requested — consistent and proportionate for a JSON formatting utility.
Persistence & Privilege
Skill is not forced-always, does not request elevated privileges, and does not modify other skills. Autonomous invocation is allowed by default (platform normal) and does not combine with other red flags here.
What to consider before installing
This appears to be a simple, low-risk JSON formatting skill, but it advertises features (compression/minification and JSON path extraction) that are not implemented in the provided snippet or output schema. Before installing or enabling it for autonomous use, ask the author to: (1) clarify/implement the path-extraction and compression features or remove them from the docs, (2) align the SKILL.md output schema with the actual implementation, and (3) provide examples showing how 'paths' are derived. Test the skill on representative inputs to confirm outputs match expectations. No external credentials are requested, so there is no immediate credential-exfiltration risk, but the capability mismatch could lead to confusing or incorrect agent behavior.

Like a lobster shell, security has layers — review code before you run it.

formattervk97f9tvxm480d9fx30vhg118d181m0ptjsonvk97f9tvxm480d9fx30vhg118d181m0ptlatestvk97f9tvxm480d9fx30vhg118d181m0pt

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments