ClawHub

Code Explore

v0.1.0

Analyze local codebase to explain directory structure, entrypoints, dependencies, call chains, and data flow without modifying code.

0· 62·0 current·0 all-time
by@sf0799
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the SKILL.md: the skill's goal is to inspect a local codebase and explain structure, entry points, dependencies, call paths, and data flow. It does not declare unrelated binaries, env vars, or install steps.
Instruction Scope
SKILL.md explicitly limits actions to reading/analyzing code and states 'do not change code.' It focuses on reading repo files (directory structure, imports/exports, call chains) and marking unknowns. It does not instruct the agent to read unrelated system files, credentials, or to transmit data externally.
Install Mechanism
This is an instruction-only skill with no install spec and no code files to execute. Nothing is written to disk or downloaded by the skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. Its requested access (read-only access to the repository files) is proportionate to its stated purpose. Note: while the skill itself doesn't request secrets, analysis of a repo that contains secrets could reveal them in outputs.
Persistence & Privilege
always is false and there are no install hooks or behavior that would modify agent/system configuration. The skill does not request permanent presence or permissions beyond runtime read access to the codebase.
Assessment
This skill appears coherent and only asks the agent to read and analyze code; it does not request credentials or install software. Before enabling: (1) confirm the agent will only have read access to the target repository and not broader host files, (2) avoid running it on repos that contain secrets or credentials (remove or mask sensitive files first), and (3) review any analysis outputs before sharing them, since they could include snippets from the codebase. If you need stricter controls, run the skill against a sanitized copy of the project or restrict the agent's file access scope.

Like a lobster shell, security has layers — review code before you run it.

latestvk9760dp1w4zf13b8y2er79fff184bx58

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments