ClawHub

Skill Checker

v1.0.1

Audit a target SKILL.md against the Agent Skills specification and generate a Chinese HTML report. Use when the user asks to check, audit, review, or optimiz...

0· 117·0 current·0 all-time
by@oahc09
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included code and tests. The project contains a Python checker script, fixtures, a checklist, and docs; all requested functionality (auditing SKILL.md and producing an HTML report) is implemented and proportional to the stated purpose.
Instruction Scope
SKILL.md instructs the agent to run the local Python script against a SKILL.md path or skill directory, resolves SKILL.md, and writes an HTML report. The checker only reads the supplied SKILL.md and its directory name; there are no instructions to read unrelated files, system credentials, or to transmit data to external endpoints.
Install Mechanism
No install spec is provided (instruction-only with accompanying scripts). The shipped code is pure Python and tests; nothing downloads or extracts external archives or adds packages at install time.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. The code performs local file I/O only and does not access environment secrets.
Persistence & Privilege
always is false and the skill does not request persistent or elevated platform privileges. It only writes its own HTML report output when asked and does not modify other skills or global agent configuration.
Assessment
This skill appears coherent and limited: it reads a specified SKILL.md (or skill directory), validates frontmatter and body rules, and writes a local HTML report. Before installing or running it: inspect scripts/check_skill.py if you want to be extra cautious (the code is local Python and easy to review), run tests if you need assurance, and choose an explicit --out path so you know where the HTML report will be written. There are no network calls or secret requirements, but as with any tool that reads files, avoid pointing it at sensitive directories you don't want scanned or logged.

Like a lobster shell, security has layers — review code before you run it.

latestvk971e1rdavg3wbx82j4m9bgpmx83jctt

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments