htaccess Generator

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a straightforward .htaccess generator; the main thing to review is that it can write a web-server configuration file that changes site behavior.

Safe to consider installing if you need .htaccess generation, but ask the agent to show the generated file first and avoid overwriting an existing production .htaccess without a backup.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#ASI02: Tool Misuse and Exploitation

Low

What this means

If the generated file is written to or deployed as a real .htaccess file, it can change redirects, access controls, CORS behavior, caching, or security headers for a website.

Why it was flagged

The tool can write the generated configuration to a user- or agent-selected path. This is expected for an .htaccess generator, but it can overwrite an existing config file if used carelessly.

Skill content

if args.output:
        Path(args.output).write_text(output)
        print(f"Written to {args.output}")

Recommendation

Review the generated .htaccess content and confirm the output path before writing or deploying it, especially on a production site.