ClawHub

base64-toolkit

v1.0.0

Provides base64 encoding, decoding, and validation utilities for data handling and transformation. Use when you need to encode or decode base64 data, validat...

0· 96·0 current·0 all-time
by@jpengcheng523-netizen
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description (base64 encoding/decoding/validation) match the exported functions and CLI behaviour in index.js. All functions (encode, decode, encodeURLSafe, file operations, JSON helpers, detection) are appropriate for a base64 toolkit and nothing extra is requested.
Instruction Scope
SKILL.md only documents how to require and call the library functions and gives usage examples. The runtime instructions do not ask the agent to read unrelated system files, environment variables, or call external endpoints. The code does perform file I/O for explicit encodeFile/decodeToFile helpers (reads/writes paths provided by the caller), which is expected and described.
Install Mechanism
No install spec is provided (instruction-only skill with included source). There are no downloads, external installers, or package manager steps. package.json is minimal and normal for a JS library.
Credentials
No environment variables, credentials, or config paths are required. The code does not access process.env or external secrets. The lack of requested credentials is proportionate to the skill's purpose.
Persistence & Privilege
Skill is not forced-always, does not modify other skills or global agent configuration, and does not request elevated persistent privileges. The module exports functions and has a CLI entry point; it runs main only when executed directly.
Assessment
This appears to be a straightforward base64 utility. Before using, be aware that the file helpers will read/write whatever file paths you pass to them — don't point them at sensitive system files unless you intend to. There is no network activity or secret collection in the code. If you need to verify safety further, you can review the small index.js file yourself (it is included) or run it in a sandbox.

Like a lobster shell, security has layers — review code before you run it.

latestvk9797ene8p85vh63b0rbp2mmcn83mv2w

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments