ClawHub

open-source-strategy

v1.0.1

When the user wants open source strategy, OSS commercialization, or open source growth. Also use when the user mentions "open source strategy," "OSS strategy...

0· 54·0 current·0 all-time
byKostja Zhang@kostja94
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (open-source strategy, OSS commercialization) match the SKILL.md content. All guidance and referenced related skills are coherent with the stated purpose; nothing requires elevated access or unrelated capabilities.
Instruction Scope
SKILL.md contains only prose guidance and invocation guidance (how/when to open). It does not instruct the agent to read files, access environment variables, call unexpected external endpoints, or perform system operations beyond producing recommendations.
Install Mechanism
No install spec and no code files — instruction-only. No downloads, no package installs, and therefore nothing written to disk by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. There are no apparent disproportionate or unrelated credential requests.
Persistence & Privilege
always is false and the skill is user-invocable. disable-model-invocation is false (normal), but there is no evidence of privileged persistence, system config modification, or cross-skill credential access.
Assessment
This skill appears internally consistent and low-risk: it only contains written strategy guidance and asks for no credentials or installs. Before enabling, note that it references related skills (e.g., "github", "directory-submission"); if those are invoked later, review their requirements (they may request API keys or other access). As always, never paste secrets into prompts and review outputs for suggestions that would require sharing credentials or running commands. If you need stronger assurance, ask the publisher for provenance or a homepage/source link.

Like a lobster shell, security has layers — review code before you run it.

latestvk976cskhr0ppmctbqsyn48kkbd84e3ja

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments