ClawHub

Skill Dedup Scanner

v1.0.0

Scans installed skills for duplicates and naming conflicts. Detects similar skills that may cause model confusion. Use before publishing new skills or when t...

0· 96·0 current·0 all-time
by@shyjsarah
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (duplicate detection) match the code: the scanner reads SKILL.md frontmatter (name, description) from a skills directory, computes text similarity, and generates a report. Required artifacts (local skill files) and a lightweight YAML dependency are proportionate.
Instruction Scope
Runtime instructions tell the agent to run scripts/main.py against a skills directory; the code only reads SKILL.md files and frontmatter, computes similarities, and writes a report. Note: the scanner reads the entire SKILL.md into memory ('full_content'), so if those files contain sensitive data, that data could appear in memory and potentially in generated reports if you explicitly output them — the provided report generator only includes name/description snippets, not full content.
Install Mechanism
No install spec in registry; project is instruction+code only. The only declared dependency is PyYAML in requirements.txt, which is reasonable and expected.
Credentials
The skill requests no environment variables, no credentials, and no config paths. It does auto-detect system locale (uses Python locale) which is reasonable for its i18n feature.
Persistence & Privilege
No 'always: true' flag, no persistent system-wide changes, and no modification of other skills' configs. The tool may write an output report if given an output path, which is expected behavior.
Assessment
This package appears to do what it says: scan SKILL.md frontmatter and compare names/descriptions using SequenceMatcher. Before running: (1) inspect SKILL.md files for any sensitive data — although the report generator doesn't include full SKILL.md content, the scanner reads it into memory and you may choose to write reports to files; (2) be aware the similarity check is a simple text-based matcher (difflib.SequenceMatcher), not a semantic embedding model — it may miss conceptual similarity or over/under-report similarity; (3) the tool exits with status 1 when conflicts are found, which may cause CI or scripts to treat the run as a failure; (4) if you plan to run this in an environment that aggregates reports or shares outputs, avoid including directories that contain secrets. If you need stronger semantic similarity, consider using an embedding-based approach.

Like a lobster shell, security has layers — review code before you run it.

dedupvk970hw6cq56sbs706j3ar46t49835zscduplicate-detectorvk970hw6cq56sbs706j3ar46t49835zsclatestvk970hw6cq56sbs706j3ar46t49835zscmulti-languagevk970hw6cq56sbs706j3ar46t49835zscskill-scannervk970hw6cq56sbs706j3ar46t49835zsc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments