ClawHub

Python Coding Guidelines

v1.0.0

Python coding guidelines and best practices. Use when writing, reviewing, or refactoring Python code. Enforces PEP 8 style, syntax validation via py_compile, unit test execution, modern Python versions only (no EOL), uv for dependency management when available, and idiomatic Pythonic patterns.

8· 8.6k·96 current·101 all-time
byAdarsh Divakaran@adarshdigievo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (PEP8, py_compile, pytest, dependency management) matches the SKILL.md commands and recommendations. It does not request unrelated credentials, binaries, or system paths.
Instruction Scope
Instructions are limited to linting/formatting, syntax checks, running tests, and dependency management (uv/pip/venv). This is expected for a coding-guidelines skill, but some instructions (e.g., pip install <package>, uv venv, running tests) will execute code and fetch packages from the network — so runtime actions can modify the environment or execute arbitrary project/test code and should be run in a sandbox or after inspection.
Install Mechanism
No install spec is provided (instruction-only), so nothing is written to disk by the skill itself. This is the lowest-risk model and aligns with the stated purpose.
Credentials
The skill declares no environment variables, credentials, or config paths. The SKILL.md does not reference hidden credentials or unrelated environment data.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request persistent/system-wide privileges or modify other skills' configurations.
Assessment
This skill is internally consistent and safe as a set of guidelines. Before allowing it to run commands from the SKILL.md, remember: the recommended runtime commands (pytest, py_compile, pip/uv installs, creating/activating venvs) will execute project code and may fetch and install packages from PyPI or other registries. Run these commands in an isolated environment (container or disposable virtualenv), review any package names the agent plans to install, and avoid automatic network installs on sensitive hosts. If you allow autonomous invocation, ensure the agent is permitted to run tests and installs only in safe contexts.

Like a lobster shell, security has layers — review code before you run it.

latestvk9796q6xa7jnbmxsz4a8hcf0c180fa1b

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments