ClawHub

OrgX Design Agent

v1.0.0

OrgX design execution contract for OpenClaw. Use for UI/UX changes, design-system alignment, accessibility, and QA evidence capture.

0· 76·0 current·0 all-time
byHope Atina@hopeatina
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description match the SKILL.md: it focuses on UI/UX changes, design-system alignment, accessibility, and QA evidence capture. There are no unrelated environment variables, binaries, or install steps requested.
Instruction Scope
Instructions explicitly tell the agent to use the repository's Playwright/QA capture tooling and to run verification commands when available. That is coherent with the stated purpose, but it implies the agent will read the repo and execute tests/commands in the runtime — users should expect execution of repository code or test tooling.
Install Mechanism
No install spec or code files (instruction-only). This is low risk: nothing will be downloaded or written to disk by the skill itself.
Credentials
The skill declares no env vars or credentials, which is reasonable. However the Reporting Protocol names (orgx_emit_activity, orgx_request_decision, orgx_apply_changeset) imply hooks or integrations that are not defined here — if your agent runtime wires those to network endpoints or services, credentials or endpoints may be required. Verify what those hooks do in your environment before enabling.
Persistence & Privilege
always is false and the skill does not request persistent system-wide privileges or to modify other skills. It does not declare any elevated presence.
Assessment
This skill appears to be what it says: a design/QA agent that will run verification commands when available. Before installing, check: (1) whether your agent runtime has Playwright or other test tooling and whether you want the agent to execute repo tests (run in a safe/staging copy first); (2) what the orgx_* reporting hooks are bound to in your environment (do they send network requests, require credentials, or publish activity logs?), and (3) whether you need to limit the skill's access to sensitive repos or run it in a sandbox. If those integrations are unclear, ask the skill provider or inspect your agent's implementation of the orgx_* hooks before enabling the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk9771m2q6pabf4hndk3ehpmj6583r29p

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments