XPR Code Sandbox
v0.2.11
Execute JavaScript code in a secure sandbox for data processing, computation, and quick expression evaluation without network or filesystem access.
by @paulgnz
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name, description, declared tools (execute_js, eval_expression) and the included src/index.ts align: the implementation uses Node's vm to run JS with explicit globals and blocked require/process/global access. No unrelated env vars, binaries, or installs are requested.
Instruction Scope
SKILL.md limits scope to isolated JS execution and explicitly forbids network/filesystem/imports; the code enforces these restrictions by creating a limited context and undefining require/process/global. However, vm-based sandboxes can be subtle to get correct — the instructions do not permit reading system state or secrets, and the code does not appear to do so, but there remains a non-zero risk of sandbox escape vectors in complex JS environments.
Install Mechanism
No install spec; skill is instruction/code-only and uses Node built-ins. Nothing in the manifest pulls external code or runs remote installers.
Credentials
The skill requires no environment variables, no credentials, and no config paths. The code does not access process.env or other outside credentials. Requested privileges are proportional to the stated purpose.
Persistence & Privilege
always is false; the skill is user-invocable and allows autonomous invocation (platform default). It does not modify other skills or request permanent elevated presence.
Assessment
This skill appears internally consistent for running JavaScript computations in a sandbox and does not ask for credentials or installs. Before installing, consider: (1) provenance — the source/homepage is unknown; prefer skills from known authors. (2) Treat it as untrusted when executing third-party code: test with non-sensitive inputs and small timeouts. (3) Although the code explicitly blocks require/process/global and disables code-generation-from-strings, vm-based sandboxes have historically had escape techniques — avoid sending secrets or sensitive data into the sandbox. (4) If you need stronger guarantees, run similar workloads in a dedicated, isolated execution environment (separate process/container) or seek a sandbox with formal audits.
Like a lobster shell, security has layers — review code before you run it.
