ClawHub

Config Manager - 配置管理器

v1.0.0

Manage dynamic, type-safe string, int, and bool configurations via key=value files for configurable, multi-environment applications.

0· 474·11 current·11 all-time
byLight F Star@gatsby047-oss
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description, SKILL.md, and included code.c implement a configuration manager (key=value loader, typed accessors, save/load). There are no unrelated environment variables, binaries, or external services requested — requirements are proportionate to the stated purpose.
Instruction Scope
SKILL.md instructs compiling and running the provided C source and demonstrates loading/saving config files. The runtime actions (reading and writing files specified by the user) are within scope for a config manager. Note: the demo and library read arbitrary file paths you pass to config_load_file/config_save_file — review and avoid loading untrusted files.
Install Mechanism
There is no install spec; this is an instruction-only skill that ships a C source file. This is lower-risk than fetching code at install time, but compiling and executing the included C binary runs with the user's privileges — review source before compiling.
Credentials
The skill declares no environment variables, credentials, or config paths. The code does not access environment variables or remote endpoints. Required privileges are limited to file I/O on paths you provide at runtime.
Persistence & Privilege
The skill is not force-included (always:false) and does not request persistent platform privileges or modify other skills. Autonomous invocation is allowed by default but this skill does not request elevated platform presence.
Assessment
This package is internally consistent with its description — it's a local C config manager. Before compiling/running: (1) review the C source (code.c) yourself to ensure it meets your security standards; it performs local file reads/writes only and has no networking. (2) Avoid running the compiled demo as root or with elevated privileges; run it under a least-privilege account. (3) Be cautious when loading config files from untrusted sources (config_load_file uses fopen on provided paths). (4) Note some minor code-quality issues: fixed buffer sizes (keys: 256, values: 1024), use of strncpy without explicit null-termination in some places, and no enforcement of key-length limits when callers provide keys — consider adding input length checks or using safe string functions before using in production. If you need networked or multi-user secure configuration features, this library will need additional hardening (validation, path sanitization, and optional encryption).

Like a lobster shell, security has layers — review code before you run it.

cvk97dna2j75hsqmqvd4nwfnpmp1827t4zconfigvk97dna2j75hsqmqvd4nwfnpmp1827t4zlatestvk97dna2j75hsqmqvd4nwfnpmp1827t4zrefactorvk97dna2j75hsqmqvd4nwfnpmp1827t4ztype-safevk97dna2j75hsqmqvd4nwfnpmp1827t4z

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments