Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Auto Design Clawhub

v1.0.0

Auto-select and apply design systems from awesome-design-md based on project type and task context

0 · 47 · 0 current · 0 all-time
by yuandezuohua@html1602
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious · View report
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description match its instructions (detect the project type, pick a brand, download DESIGN.md, and write a local DESIGN.md). Two inconsistencies stand out: the registry homepage points at moyubox/auto-design, but the runtime curl pulls from raw.githubusercontent.com/VoltAgent/awesome-design-md, a different owner; and the skill declares node and curl as required binaries while providing only instruction examples, so node may be unnecessary for an instruction-only skill.
Instruction Scope
SKILL.md instructs the agent to scan project files (file paths, package.json, existing code), write files (under .claude/... and Docs/Design), and curl remote content. It also documents environment variables (AUTO_DESIGN_DEFAULT, AUTO_DESIGN_AUTO, AUTO_DESIGN_PREFERENCE) that the registry metadata does not declare. Automatic activation triggers on broad keywords and on file changes, so whenever the skill is active it has broad discretion to read project files.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so no installer step writes anything to disk, which reduces installation risk. The single network action shown is a curl against a GitHub raw URL, a common pattern for fetching content, but see the note above about the unexpected repository owner. If that URL references a branch rather than a pinned commit, the fetched DESIGN.md can change after it has been reviewed.
Credentials
Registry metadata lists no required environment variables, but SKILL.md documents several optional ones that override behaviour, and they are not declared in requires.env (mismatch). The skill reads project files (package.json, code, CLAUDE.md), which fits its purpose but can expose sensitive information if the skill runs automatically in repositories that contain secrets.
Persistence & Privilege
always: true is set, so the skill is active for every agent run. Combined with the instruction scope (automatic file scanning and remote downloads), this widens the blast radius: the skill could read many project files and fetch remote resources continuously. SKILL.md gives no justification for why it must be always active.
What to consider before installing
Before enabling this skill:
1) Verify the canonical source: confirm whether the project should fetch design files from moyubox/auto-design or from VoltAgent/awesome-design-md. The mismatch could be benign or an error, but it must be explained.
2) Ask the publisher why always: true is necessary; prefer manual or opt-in activation for repository scans.
3) Confirm whether node is actually required; if the skill only uses curl and file reads, node is unnecessary and the declaration should be dropped.
4) Treat automatic file scanning as sensitive: do not enable the skill in repositories that contain secrets or private credentials, and run it in a sandbox or test repository first.
5) If you approve, restrict the skill's scope (disable auto-selection by setting AUTO_DESIGN_AUTO=false) and verify that downloaded DESIGN.md files come from a trusted repository before applying any changes.
If the publisher cannot explain the repository mismatch and the always-on requirement, mark this skill untrusted.
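The checks in this list can be automated as a static audit of SKILL.md before the skill is enabled. The script below is an added example written for this page, not code from ClawHub, OpenClaw, or the auto-design skill. It assumes a frontmatter layout with a homepage key and a JSON metadata block carrying openclaw.always and openclaw.requires (an assumption about the registry format), and it runs against a constructed sample rather than the real skill file. It flags always: true, a curl target whose GitHub owner differs from the homepage owner, raw URLs that reference a branch instead of a pinned commit, env vars mentioned in the body but missing from requires.env, and declared binaries the instructions never use.

```python
"""Static pre-install audit of an OpenClaw/ClawHub skill's SKILL.md (example, not registry code)."""
import json
import re
from urllib.parse import urlparse

# Constructed sample SKILL.md. The frontmatter keys (homepage, metadata.openclaw.always,
# metadata.openclaw.requires) are an assumption about the registry format, and the body
# is a stand-in written for this example, not the real skill's text.
SAMPLE_SKILL_MD = """---
name: auto-design-clawhub
description: Auto-select and apply design systems from awesome-design-md
homepage: https://github.com/moyubox/auto-design
metadata: {"openclaw": {"always": true, "requires": {"bins": ["node", "curl"], "env": []}}}
---
## Activation
Set AUTO_DESIGN_AUTO=false to disable automatic selection.
AUTO_DESIGN_DEFAULT and AUTO_DESIGN_PREFERENCE override the brand choice.

## Fetch
curl -fsSL https://raw.githubusercontent.com/VoltAgent/awesome-design-md/main/design-md/linear/DESIGN.md -o Docs/Design/DESIGN.md
"""

SHA1_RE = re.compile(r"^[0-9a-f]{40}$")                     # a full commit hash, i.e. a pinned ref
ENV_RE = re.compile(r"\b[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+\b")  # SCREAMING_SNAKE env var names
GITHUB_HOSTS = ("github.com", "raw.githubusercontent.com")


def parse_frontmatter(text):
    """Split SKILL.md into (frontmatter dict, body); the metadata value is parsed as JSON."""
    m = re.match(r"---\n(.*?)\n---\n(.*)", text, re.S)
    if not m:
        return {}, text
    meta = {}
    for line in m.group(1).splitlines():
        key, _, value = line.partition(":")
        meta[key.strip()] = value.strip()
    if "metadata" in meta:
        meta["metadata"] = json.loads(meta["metadata"])
    return meta, m.group(2)


def _path_parts(url):
    return [s for s in urlparse(url).path.split("/") if s]


def github_owner_repo(url):
    """Return (owner, repo) for github.com or raw.githubusercontent.com URLs, else None."""
    parts = _path_parts(url)
    if urlparse(url).hostname in GITHUB_HOSTS and len(parts) >= 2:
        return parts[0], parts[1]
    return None


def is_trusted_pinned_url(url, allowed_owners):
    """Accept only https raw GitHub URLs from an allow-listed owner whose ref is a full commit
    SHA. A branch name such as 'main' can be moved by anyone with push access, so it is rejected."""
    p = urlparse(url)
    parts = _path_parts(url)
    if p.scheme != "https" or p.hostname != "raw.githubusercontent.com" or len(parts) < 4:
        return False
    owner, ref = parts[0], parts[2]
    return owner in allowed_owners and bool(SHA1_RE.match(ref))


def audit(text):
    """Return finding codes corresponding to the scan's Purpose, Credentials and Persistence checks."""
    meta, body = parse_frontmatter(text)
    openclaw = meta.get("metadata", {}).get("openclaw", {})
    requires = openclaw.get("requires", {})
    findings = []

    if openclaw.get("always") is True:                       # persistence: active on every run
        findings.append("ALWAYS_ON")

    home = github_owner_repo(meta.get("homepage", ""))
    for url in re.findall(r"curl[^\n]*?(https?://\S+)", body):  # every curl target in the body
        target = github_owner_repo(url)
        if home and target and target[0] != home[0]:        # fetch owner != declared homepage owner
            findings.append(f"OWNER_MISMATCH:{target[0]}!={home[0]}")
        parts = _path_parts(url)
        if urlparse(url).hostname == "raw.githubusercontent.com" and len(parts) >= 3 \
                and not SHA1_RE.match(parts[2]):             # ref is a branch, not a commit
            findings.append(f"UNPINNED_REF:{parts[2]}")

    declared_env = set(requires.get("env", []))
    for name in sorted(set(ENV_RE.findall(body)) - declared_env):   # documented but undeclared
        findings.append(f"UNDECLARED_ENV:{name}")

    for binary in requires.get("bins", []):                  # declared binary never used by the text
        if not re.search(rf"\b{re.escape(binary)}\b", body):
            findings.append(f"UNUSED_BIN:{binary}")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_SKILL_MD):
        print(finding)
```

Run it as a pre-install gate and block on OWNER_MISMATCH and ALWAYS_ON until the publisher has explained them. UNPINNED_REF is the check worth adding to item 5 above: a branch reference lets the DESIGN.md you reviewed be replaced later without any change to the skill itself.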

Like a lobster shell, security has layers — review code before you run it.

latest: vk97bnjxdqkj7zb54enxp1cnkzh84fmcg

Runtime requirements

🎯 Clawdis
Bins: node, curl
