ClawHub

Nima Skill Creator

v0.1.1

Create, refactor, and improve Codex-compatible skills with gated requirement discovery, reusable resource planning, executable scaffolding scripts, and valid...

0· 289·2 current·2 all-time
byNima Chu@nimachu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, SKILL.md, references, and included scripts (init, validate, package, generate_openai_yaml) all match the stated purpose of scaffolding, validating, and packaging Codex-compatible skills. There are no unrelated credentials, binaries, or configuration requirements.
Instruction Scope
Runtime instructions are scoped to skill design and local scaffolding: discovery questions, pattern selection, resource planning, and running the included Python scripts. The SKILL.md does not instruct reading unrelated system files, accessing external endpoints, or exfiltrating data. It does suggest using Chinese during discovery, which is a UX guideline, not a security issue.
Install Mechanism
No install spec; this is an instruction-first skill with bundled scripts. All code is provided in the repository and there are no downloads, package installs, or external URLs invoked by the scripts.
Credentials
The skill declares no required environment variables, credentials, or config paths. The example command references CODEX_HOME only as a convenience variable; scripts themselves accept CLI args and do not read secrets or external environment values.
Persistence & Privilege
always:false and default model/autonomous invocation are preserved. The skill writes files only into user-specified target directories when invoked (init_skill), creates a small agents/openai.yaml, and packages/validates; it does not modify other skills or system-wide configs.
Assessment
This skill appears coherent and safe for the stated purpose: it scaffolds skills and provides validation/packaging scripts that act on local directories. Before running any script, review the scripts (they are included) and run them in a directory you control (not /, /etc, or other sensitive locations). Note that init_skill will create directories and write files (and example scripts are made executable), package_skill will create a zip after validation, and validate_skill enforces simple frontmatter rules. If you plan to run these on shared systems, consider running them in a sandbox or container and confirm the target --path is correct. If you need higher assurance, run the Python files with a linter or open them to review for any local modifications before execution.

Like a lobster shell, security has layers — review code before you run it.

latestvk972q7m0h6rn08pktss1zk2t7583fzej

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments