ClawHub

yaml-config

v0.1.0

Use this skill when reading or writing YAML configuration files, loading vehicle parameters, or handling config file parsing with proper error handling.

0· 18·0 current·0 all-time
by@wu-uk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description (YAML config handling, vehicle params) match the instructions, which show reading, safe parsing, writing, optional default merging, and basic error handling. No unrelated capabilities or credentials are requested.
Instruction Scope
SKILL.md stays on-topic and only demonstrates opening/reading/writing local YAML files and merging defaults. It correctly recommends yaml.safe_load. Note: examples reference filenames like 'config.yaml' and 'output.yaml' but do not discuss validating or sanitizing external data beyond YAML parsing; for vehicle or safety-critical parameters the operator should add strict schema/validation steps and avoid loading untrusted files.
Install Mechanism
Instruction-only skill with no install spec — lowest risk. One minor practical omission: examples import the 'yaml' module (PyYAML) but the SKILL.md does not mention ensuring that PyYAML is installed; this is an operational note rather than a security inconsistency.
Credentials
No environment variables, credentials, or config paths are requested. File I/O is limited to the example file paths and does not attempt to access unrelated system config or secrets.
Persistence & Privilege
Skill is user-invocable and not 'always'. It does not request persistent installation, system modification, or changes to other skills. Autonomous invocation is allowed (platform default) but not combined with other red flags.
Assessment
This skill appears coherent and low-risk: it demonstrates safe YAML parsing (yaml.safe_load), writing, and basic error handling. Before using it with safety-critical data (e.g., vehicle parameters), add explicit schema validation, bounds checks, and provenance/trust checks on input files. Ensure the runtime has PyYAML installed (or add instructions to install it). Be mindful of file paths and permissions so config reads/writes don't accidentally expose or overwrite sensitive files.

Like a lobster shell, security has layers — review code before you run it.

latestvk977hsqb1yrhxr6dzh5pcan81184sqzb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments