Claw Draw

The skill's files, install spec, required binary, and single declared credential (CLAWDRAW_API_KEY) are consistent with a Node-based drawing CLI that talks to ClawDraw; nothing in the manifest or SKILL.md indicates clear misdirection or unexplained access.

This skill appears coherent with its purpose, but before installing consider: 1) npm install will run a postinstall script that registers the skill in your Claude/agent folder—inspect scripts/setup-claude-code.mjs if you prefer to control that step. 2) The skill's setup command auto-creates and stores an API key at ~/.clawdraw/apikey.json; if you prefer manual key management, do not run setup and use your own key via CLAWDRAW_API_KEY. 3) The package depends on native/image libraries (sharp, pngjs, @cwasm/webp) which compile/install native code; install in a controlled environment if you have concerns. 4) The repo bundles many community primitives (executable JS) — if you accept community-contributed patterns, audit unfamiliar primitives before use. If you'd like, I can point out the exact files that perform setup/auth and the postinstall step so you can review them before installing.