ClawHub

erebos

v0.1.0

Erebos namespace for Netsnek e.U. dark theme and theming engine. Generates accessible dark mode palettes, manages theme tokens, and provides runtime theme sw...

0· 553·0 current·0 all-time
by@kleberbaum
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The declared purpose (dark-theme generator, WCAG palettes, preview, export) is plausible for the files present. No credentials, binaries, or installs are requested, which is reasonable for a small theming tool. However, the actual code does not implement the stated capabilities — the mismatch is not malicious but is a coherence issue: the package advertises features it doesn't provide.
!
Instruction Scope
SKILL.md instructs users to run scripts for palette generation, preview (which claims to open a local HTML page), and export. The bundled script (scripts/theme-gen.sh) only parses and echoes arguments and does not generate palettes, open a browser, or export tokens. The runtime instructions therefore overpromise relative to what the agent will actually do.
Install Mechanism
There is no install specification and only a small shell script is included. No downloads or archive extraction occur. This is low-risk from an install perspective.
Credentials
The skill requests no environment variables, no credentials, and no config paths. That is appropriate for the described functionality and consistent with the contained files.
Persistence & Privilege
The skill is not marked always:true and does not request elevated or persistent privileges. It is user-invocable and can be called autonomously by the agent (platform default), which is expected for a normal skill.
What to consider before installing
This package appears to be a placeholder or incomplete: its documentation promises palette generation, preview-in-browser, and export features, but the included script only echoes arguments and performs no real theming work. It's not asking for credentials or installing external code, so it's low-risk to inspect, but do not rely on it to produce real themes. If you need the promised functionality, ask the author for a full implementation or an updated release. If you run the script locally, avoid running it with elevated privileges (don't use sudo) and review any future versions for network calls or file writes before executing.

Like a lobster shell, security has layers — review code before you run it.

latestvk9785wzmzmyjc7krrve45h8r8n81fd7h

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

OSLinux

Comments