Nda Generator
v2.0.0保密协议生成器。双向/单向NDA、员工保密、审查、模板库。NDA generator with mutual, unilateral, employee versions. 保密协议、NDA。
⭐ 0· 385·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (NDA generator) match the shipped scripts: scripts/nda.sh generates mutual/unilateral/employee NDAs and scripts/script.sh provides a simple CLI/data storage helper. No unrelated capabilities (cloud, git, etc.) are requested.
Instruction Scope
SKILL.md instructs use of the CLI and redirecting output to a file. The scripts do not read system-wide secrets or other users' files, but they do write/read under a per-user data directory (by default $XDG_DATA_HOME or $HOME/.local/share/nda-generator). Generated NDA content and a history log will be stored locally, which may include sensitive information if you supply it.
Install Mechanism
No install spec / no external downloads. This is an instruction-only skill with included shell scripts, so nothing is fetched from the network during install.
Credentials
The scripts optionally honor NDA_GENERATOR_DIR and XDG_DATA_HOME/HOME for data location, which is appropriate. The skill declares no required environment variables or credentials and does not attempt to access unrelated config or secrets.
Persistence & Privilege
The tool creates a per-user data directory and writes data.log and history.log under it, which is expected for a CLI tool that saves entries. This is persistent storage of user-provided content; consider where those files are placed and who can read them.
Assessment
This skill appears to be what it claims: a local NDA generator implemented in bash. Before installing or running it: (1) be aware that generated NDA text and command history are written to a data directory (default: $NDA_GENERATOR_DIR or $XDG_DATA_HOME/$HOME/.local/share/nda-generator) — these files may contain sensitive information, so pick a secure location and check file permissions; (2) review the scripts yourself (they are small and included) if you have any doubt; (3) there are no network calls or credential requests in the code, but treat generated legal text as reference only (the script already includes a disclaimer) and consult a lawyer before use; (4) do not run as root to avoid broad filesystem writes. If you want higher assurance, verify the upstream source (homepage/source repo) before use.Like a lobster shell, security has layers — review code before you run it.
latestvk97ap64wdq57wxj3mae5argctx8323p6productivityvk979mwq8e3sg9ctehbzw20842x82p9fg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.