ClawHub

Webperf Media

v0.1.0

Intelligent media optimization with automated workflows for images, videos, and SVGs. Includes decision trees that detect LCP images (triggers format/lazy-lo...

0· 181·0 current·0 all-time
by@nucliweb
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included scripts and workflows: the three JS snippets audit images, videos, and SVGs in-page, and the SKILL.md describes decision trees that run those snippets and cross-reference related webperf skills.
Instruction Scope
Runtime instructions target Chrome DevTools MCP (evaluate_script / get_console_message) and stay within the declared domain (page DOM and performance resources). The scripts fetch resource headers and bodies (e.g., content-type for images, SVG text) and return structured JSON; this is expected for content analysis but will reveal resource URLs, sizes, and inline SVG contents from the inspected page. The SKILL.md also instructs cross-skill calls which may trigger additional audits.
Install Mechanism
No install spec — instruction-only skill. The included JS snippets are executed in the browser context; nothing is downloaded or installed by the platform.
Credentials
No environment variables, binaries, or credentials are requested. The skill operates in the page/browser context and does not ask for unrelated cloud or system credentials.
Persistence & Privilege
Skill is not always-enabled and does not request system-wide configuration changes. Autonomous invocation is allowed (platform default) but does not combine with other privilege escalations.
Assessment
This skill appears coherent for performing media audits in Chrome DevTools: it runs small JavaScript snippets inside the inspected page, reads the DOM and performance/resource entries, and fetches image/SVG resources to determine formats, sizes, and other metadata. Before running it, be aware that: (1) the scripts will observe and return resource URLs and some resource contents (e.g., SVG text and estimated bytes) from whichever page you inspect — so avoid running on pages with sensitive or private data you do not want exposed to the agent; (2) the decision tree can trigger additional cross-skill audits (those other skills will similarly inspect the page); and (3) this skill requires Chrome DevTools MCP access (evaluate_script) to function. If you are comfortable with the agent having read access to the inspected page and its loaded resources, the skill's requests are proportionate to its purpose.

Like a lobster shell, security has layers — review code before you run it.

latestvk976rwztgvw8b178bkm0pvx2fx82q2gn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments