SuperDesign
PassAudited by VirusTotal on May 13, 2026.
Overview
Type: OpenClaw Skill Name: superdesign Version: 1.0.0 The skill bundle provides comprehensive guidelines for an AI agent on frontend design principles, including layout, theming, animation, and implementation. All instructions and code snippets, such as CDN links for Tailwind CSS, Flowbite, and Lucide icons in `SKILL.md`, are presented as examples for the agent to generate as part of its design output, not for the agent to execute in its own environment. There is no evidence of data exfiltration, malicious execution, persistence, prompt injection attempts to subvert the agent, or obfuscation. The content is entirely aligned with its stated purpose of frontend design.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the generated UI uses these snippets, the page may fetch and run code from third-party CDN providers in the browser.
The skill recommends loading frontend libraries from third-party CDNs, including an unpinned '@latest' dependency. This is disclosed and purpose-aligned for frontend prototypes, but it creates a supply-chain consideration for generated pages.
<script src="https://cdn.tailwindcss.com"></script> ... <script src="https://unpkg.com/lucide@latest/dist/umd/lucide.min.js"></script>
Use pinned versions, integrity checks, or self-hosted assets for production; treat CDN snippets as acceptable mainly for prototypes or trusted contexts.