Skill v1.0.0
ClawScan security
Beauty Diagram · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 27, 2026, 9:29 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it documents and uses the bd CLI via npx to render Mermaid/PlantUML and requests no unrelated credentials or system access.
- Guidance: This skill appears coherent and does what it says: call the bd CLI (via npx) to produce presentation-ready diagrams. Things to consider before installing/using: (1) npx will download and execute @beauty-diagram/cli from the npm registry; if your organization restricts third-party code, prefer a vetted local install or pinned package version. (2) Authenticated features (unwatermarked output, sharing) require a Beauty Diagram API key; only create/use such keys if you accept that sharing produces public URLs. (3) The SKILL.md claims the API does not persist source unless you call share; if you handle sensitive diagrams, verify the service's privacy policy and avoid using share/export in public mode. (4) The provided scripts use npx --yes (automatic fetch/execute); review them or run the commands interactively if you want manual control.
Review Dimensions
- Purpose & Capability (ok): Name/description match what the skill does. Requiring node/npx and referencing the @beauty-diagram/cli package is appropriate for a CLI-driven diagram renderer. The included scripts and README align with the stated purpose.
- Instruction Scope (ok): SKILL.md instructs only diagram-related actions: generating or reading .mmd/.puml files, running bd beautify/export/share, writing outputs to files, and surfacing API errors. It does not direct the agent to read unrelated system files, gather unrelated environment secrets, or post outputs to unexpected endpoints.
- Install Mechanism (note): There is no explicit install spec; the skill expects use of npx to fetch @beauty-diagram/cli at runtime. Fetching an npm package via npx is expected for a Node CLI, but it does entail executing code downloaded from the npm registry; this is traceable but carries the usual remote-code-fetch risk. No suspicious download URLs or extract-to-disk installers are present.
- Credentials (ok): The skill requires no environment variables or credentials for basic (watermarked/limited) use. An optional PAT (bd auth login) is clearly documented and justified for share/unwatermarked/export-heavy workflows. There are no unrelated or excessive credential requests.
- Persistence & Privilege (ok): The skill does not request always:true and does not modify other skills or system-wide settings. It allows autonomous invocation (disable-model-invocation: false), which is the platform default and acceptable here. The SKILL.md emphasizes keeping zero state in the agent and preserving source files.
