guidelines
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This looks like a coherent FTdesign HTML preview generator; the main things to notice are local HTML file creation and external font/icon stylesheets in previews.
Before installing, be aware that this skill is meant to write HTML preview files into your workspace and that the generated previews may load fonts or icons from external CDNs. This behavior is disclosed and consistent with the skill’s purpose.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may create or update preview HTML files in the user’s workspace.
The skill is expected to create a local HTML file and open a preview. This is aligned with its purpose, but it is still a workspace file-writing action users should understand.
生成HTML文件并在IDE预览窗口中打开。
Review the generated filename and location before relying on it, especially if a file with the same name already exists.
Opening generated previews may make browser requests to jsDelivr and Google Fonts.
The generated HTML templates load third-party icon and font stylesheets. This is normal for visual prototypes, but it introduces external network dependencies when previews are opened.
<link href="https://cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.css" rel="stylesheet"> ... <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap" rel="stylesheet">
If offline use or strict privacy is required, replace CDN links with local font and icon assets.