ClawHub

MVP

v1.0.0

Build, validate, and launch minimum viable products with scope discipline, user signals, and iteration speed.

2· 782·5 current·5 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description claim product/MVP guidance; the skill is instruction-only and contains multiple role-specific guides and templates that match that purpose. It does not request unrelated binaries, credentials, or system access.
Instruction Scope
SKILL.md directs the agent to select a role and load role-specific guidance; the referenced content is purely editorial (playbooks, templates, interview scripts). Minor inconsistency: SKILL.md's role table lists paths like 'roles/technical.md' but the bundle contains 'technical.md' and similar at the root — this is likely a packaging/path mismatch but not malicious. The instructions do not ask the agent to read system files, call external endpoints, or access secrets.
Install Mechanism
No install spec and no code files — instruction-only. Nothing is downloaded or written to disk by an installer.
Credentials
No required environment variables, credentials, or config paths are declared or referenced. The guidance is content-only and does not request sensitive data.
Persistence & Privilege
always is false (no forced inclusion). disable-model-invocation is false (normal) but there is no code that would run autonomously or request extra privileges. Nothing in the skill attempts to modify other skills or system-wide configuration.
Assessment
This skill appears to be a straightforward, self-contained set of MVP playbooks and templates and is internally consistent with its description. Before installing, verify the path mismatch noted in SKILL.md (it references 'roles/…' files while the bundle uses root filenames) to ensure the agent will correctly locate the role documents. Also: because this is instruction-only, it cannot exfiltrate secrets unless later updated to include network calls or installers — stop and review any future versions that add install steps, environment variables, or external endpoints before granting access.

Like a lobster shell, security has layers — review code before you run it.

latestvk975kchh36npcsm15sm6xv84ph810fhq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments