Create Web Form
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: create-web-form Version: 1.0.3 The 'create-web-form' skill bundle is a comprehensive educational resource providing reference materials for building secure and accessible web forms. It covers HTML, CSS, JavaScript, PHP, and Python (Flask), consistently emphasizing security best practices such as using prepared statements to prevent SQL injection (php-mysql-database.md), sanitizing inputs to mitigate XSS (php-forms.md), and using environment variables for sensitive credentials (python-contact-form.md). There are no indicators of malicious code, data exfiltration, or prompt injection attempts.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user asks this skill to create login, checkout, or account forms, the resulting code could handle sensitive user data and must be implemented securely.
The skill may guide generation of forms that handle passwords, payment data, or secrets. This is purpose-aligned for a web form skill and the text includes safer handling guidance, but users should recognize the sensitivity before deploying generated code.
Collect passwords or payment data only when necessary; hash passwords server-side and prefer hosted payment fields or tokenization from a trusted processor
Review any generated form before deployment, avoid raw payment-card handling, use trusted payment tokenization, hash passwords server-side, and keep real secrets in environment variables or a secret manager.