ClawHub

Clawddocs Zc

v1.2.4

Clawdbot documentation expert with decision tree navigation, search scripts, doc fetching, version tracking, and config snippets for all Clawdbot features

0· 145·0 current·1 all-time
by@lean-zhouchao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the provided files and scripts: decision tree, search/fetch/version scripts, and config snippets all align with a documentation/navigation skill. Minor metadata/version inconsistencies between _meta.json, package.json, and registry version are present but likely benign (packaging drift), not security-relevant.
Instruction Scope
SKILL.md instructs the agent to use the local scripts, fetch docs from https://docs.clawd.bot/<path>, and cite sources. The instructions do not tell the agent to read unrelated system files, exfiltrate data, or contact unexpected external endpoints beyond the documented docs URL.
Install Mechanism
No install spec (instruction-only); included scripts are small Bash helpers that only echo messages or URLs. There are no downloads or archive extraction steps, so there is minimal install risk.
Credentials
The skill declares no required env vars or credentials. The snippets file contains placeholders (${DISCORD_TOKEN}, ${TELEGRAM_TOKEN}) for example configs — this is expected for documentation but users should not paste real tokens into shared contexts. No hidden environment access is requested.
Persistence & Privilege
The skill is not set to always:true and does not request persistent system-level changes. It does not modify other skills or global agent settings in the provided files.
Assessment
This skill appears to do what it says: small, local helper scripts and documentation guidance. Before installing or running scripts: (1) verify the docs host (https://docs.clawd.bot) is the official source you trust, (2) review the included shell scripts (they only echo in this bundle) and confirm you are comfortable executing any that you run, (3) never paste real service tokens into examples or public chats — the snippets show placeholder variables only, and (4) note the repository/metadata version inconsistencies; if you need long-term trust, ask the publisher for a canonical homepage or source repo before depending on the skill in production.

Like a lobster shell, security has layers — review code before you run it.

latestvk978dwd1bb5nkhr6cvwctmdm6x83adys

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments