ClawHub

ClawHub Publish Smoke Check

v0.0.1

Verify ClawHub login, dry-run sync state, one-off publish success, and cleanup for a local skill workspace.

0· 97·0 current·0 all-time
by@meishiene
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the runtime instructions: the skill is a procedural checklist for testing the ClawHub publish path. It does not request unrelated binaries, env vars, or access.
Instruction Scope
The SKILL.md instructs the operator to run clawhub CLI commands, create a temporary skill directory, publish it, then hide or delete it. This stays within the described purpose, but publishing creates a real registry artifact — cleanup may not immediately remove all traces (caches, mirrors, audit logs), so follow the documented cleanup steps and verify removal.
Install Mechanism
There is no install spec and no code files. This is instruction-only, so nothing will be written to disk by the skill itself.
Credentials
The skill declares no required environment variables or credentials. The instructions assume the user has a clawhub login token already, which is appropriate for the task.
Persistence & Privilege
The skill does not request always:true or other elevated persistence. Default autonomous invocation is allowed by platform policy but the skill itself does not request persistent or system-level changes.
Assessment
This skill is a simple, coherent checklist for using your local clawhub CLI to smoke-test publish behavior. Before using it: ensure you really want to publish a temporary artifact from your account (use a throwaway account or a clearly-named test slug), avoid including any sensitive data in the temporary skill contents, choose a unique slug, and verify the registry entry is removed after cleanup (hiding/deleting may not purge all caches or audit traces immediately). Because the skill is instruction-only and requests no secrets, there is low intrinsic risk, but publishing to a public registry is an action that affects your account and may be visible to others — proceed deliberately.

Like a lobster shell, security has layers — review code before you run it.

latestvk974gvnr36wpj921wst7x7d0m983ed67

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments