Chartjs
v1.0.0Chart.js charting skill. Used to generate visual charts such as line charts, bar charts, pie charts, radar charts, scatter plots, etc.
⭐ 0· 53·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (Chart.js charting helper) matches the SKILL.md and reference content. The skill only documents how to install and use Chart.js and related adapters/plugins; nothing requests unrelated services, credentials, or system access.
Instruction Scope
Runtime instructions are documentation and examples (npm install, CDN script tag, example code, tips about using puppeteer/canvas to produce screenshots). The instructions do not direct the agent to read arbitrary system files, access environment variables, or exfiltrate data. The only external network endpoint mentioned is a well-known CDN (jsdelivr) and npm packages relevant to Chart.js.
Install Mechanism
There is no install spec in the registry (instruction-only). The SKILL.md recommends npm and a CDN (jsdelivr) which are standard for front-end libs. It also mentions optional tools like puppeteer/canvas and chartjs-adapter-moment—these are reasonable for image/screenshot generation but would install heavier dependencies if the user chooses that output path.
Credentials
The skill requires no environment variables, credentials, or config paths. Examples reference common JS/browser APIs and optional npm packages only, which are proportionate to chart generation.
Persistence & Privilege
always is false and there is no install action that would persist or modify other skills or system config. The skill being instruction-only means it does not request persistent privileges.
Assessment
This is documentation-style help for Chart.js and appears coherent. It does not ask for credentials or system access. Things to keep in mind before you act on its instructions: if you follow the npm install or puppeteer/canvas suggestions, you will install third-party packages—verify package versions and sources and avoid running arbitrary post-install scripts; the CDN link (jsdelivr) is a common choice but will load remote code into a page, so only use it for trusted environments; generating screenshots with a headless browser can access local resources if run on your machine, so review any code the agent proposes to execute and approve installs/commands manually.Like a lobster shell, security has layers — review code before you run it.
latestvk97ag1cg2jrtwm1cg72vjbhf7n84mhs7
License
MIT-0
Free to use, modify, and redistribute. No attribution required.