ClawHub

Python Cookbook

v1.0.1

Python code patterns and recipes for everyday tasks. Use when you need file I/O snippets, list comprehensions, decorators, async functions, regex patterns, d...

0· 24·1 current·1 all-time
by@loutai0307-prog
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Python code patterns, snippets, lint/format/run/debug) align with the included script.sh which implements snippet, run, lint, format, and debug commands. No unrelated binaries, credentials, or config paths are requested.
Instruction Scope
The SKILL.md and script clearly instruct the agent to display snippets and to execute Python code (inline or from a file). Executing arbitrary Python code is coherent with a 'cookbook' that offers a 'run' command, but it inherently allows any code the user (or agent) supplies to run, including network access or local file access. This is expected functionality but is a security surface the user should treat as untrusted — the skill does not itself exfiltrate data or contact external endpoints unless the executed snippet does so.
Install Mechanism
No install spec; the skill is instruction-only with a small shipped script.sh. Nothing is downloaded or written to disk during install, and no external package installs are requested by the skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. The SKILL.md notes optional tools (black or autopep8) and requires bash and python3, which are proportionate to its stated functionality.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide configs, and uses the platform defaults for invocation. Autonomous invocation is allowed by default but is not combined with other high-risk indicators here.
Assessment
This skill appears to do what it says: show Python snippets and run/lint/format/debug code. Before using it: (1) Inspect any snippet or file before running it — the 'run' command will execute arbitrary Python, which can read/write files or make network requests. (2) Run untrusted code in a sandbox or container and avoid exposing sensitive files or credentials to it. (3) Only install/enable formatters (black/autopep8) you trust. (4) Note the source/publisher is unknown — exercise normal caution when running code from third parties.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e3ae5bzsdc65c0yeqnp0an9850v65

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments