ClawHub

Cart Management

v1.0.0

React cart state management: duplicate prevention, localStorage persistence, CartContext patterns. Use when building or fixing shopping carts, product lists,...

0· 484·2 current·3 all-time
by@konscious0beast
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (React cart management, duplicate prevention, localStorage persistence, CartContext patterns) matches the SKILL.md instructions. No unrelated binaries, env vars, or installers are requested.
Instruction Scope
Instructions stay within cart management scope, but contain practical issues: the example writes localStorage with [...cartItems, item] (not using the functional 'prev' value) which can cause stale-state/race bugs; it duplicates derived state (cart IDs) which can get out-of-sync; it doesn't mention guarding localStorage access for SSR (window may be undefined) or handling JSON.parse errors. Also no warning about localStorage being accessible to page scripts (XSS risk).
Install Mechanism
Instruction-only skill with no install spec or downloads. Low install risk — nothing will be written to disk by an installer.
Credentials
No credentials, env vars, or config paths are requested. Declared requirements are minimal and appropriate for the described client-side task.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges or modify other skills. It only recommends using browser localStorage, which is appropriate for a client-side cart pattern but has the usual browser-storage tradeoffs.
Assessment
This skill appears to be what it says (React cart patterns) and has no unusual external requirements. Before using the suggested code: 1) Fix the stale-state bug — compute the new cart from the previous state and then persist that new value to localStorage (use functional updates and write the same new object to storage). 2) Avoid duplicating derived state (keep product IDs derived from cart items, or ensure both are updated atomically). 3) Guard localStorage usage for server-side rendering (check for window) and wrap JSON.parse in try/catch. 4) Remember localStorage is readable by any page script — do not store secrets or sensitive info there (XSS risk). 5) Consider debouncing or batching persistence to reduce writes and handle concurrent updates safely. These are implementation-quality and security-adjacent issues, not signs of malicious behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk971vnfpcwbtf4fwv54a8wr8jh81ng1g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments