ClawHub

ts4

v0.1.0

TS4 namespace for Netsnek e.U. TypeScript testing framework. Unit testing, snapshot testing, coverage reporting, and mutation testing.

0· 522·0 current·0 all-time
by@kleberbaum
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The name and description advertise a full TypeScript testing framework with coverage and mutation testing, but the bundle contains no TypeScript/Node code, no test runner, no coverage tools, and no declared dependencies (e.g., node, npm, jest, nyc, Stryker). The only executable is a 321-byte bash script that only echoes messages for --run, --coverage, and --status. This mismatch makes the claimed capabilities unsupported by the provided files.
Instruction Scope
SKILL.md simply instructs running ./scripts/test-runner.sh with flags. The instructions do not attempt to read unrelated files or environment variables and do not perform network activity. However, those instructions point to a script that does not implement the described functionality, so the instructions are technically safe but not useful for the stated purpose.
Install Mechanism
There is no install spec (instruction-only skill with bundled files). No downloads or package installs are requested, so there is low install-time risk.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. The runtime files do not access environment variables or secrets. The absence of requested credentials is proportionate to the provided (minimal) functionality.
Persistence & Privilege
The skill is not always-enabled, is user-invocable, and does not request elevated or persistent privileges. It does not modify other skills or system-wide settings.
What to consider before installing
This package looks like a placeholder rather than a working TypeScript testing framework. It contains only a tiny bash script that prints messages and no Node/TypeScript code or declared dependencies (node, npm, test/coverage/mutation tools). Security risk appears low (no network calls, no credentials requested), but functionality risk is high—do not rely on it to run tests. Before installing or using: (1) verify source/trust of the publisher and look for a real homepage or repository, (2) inspect any additional code or a future release to confirm actual test/coverage implementations, (3) test it in an isolated environment if you want to experiment, and (4) if you need a real TypeScript test framework, prefer established tools (Jest, Vitest, Stryker, nyc) with clear install steps and dependencies.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c3k3zc703mgnsgsxyk424wn81cmy0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

OSLinux

Comments