ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Web Design Guidelines

Review UI code for Web Interface Guidelines compliance. Use when asked to "review my UI", "check accessibility", "audit design", "review UX", or "check my si...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
1 · 119 · 0 current installs · 0 all-time installs
by@soponcd
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and runtime instructions align: the skill reviews UI code against a set of guidelines and asks the user for files/patterns to inspect. No unrelated credentials, binaries, or install steps are requested.
Instruction Scope
Runtime instructions require fetching guidelines from https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md before each review and then reading user-specified files. Fetching and following externally hosted, live content can change the agent's behavior at any time; otherwise the instructions stay within the stated scope (read provided files, apply rules, output file:line findings).
Install Mechanism
No install spec and no code files — instruction-only skill, so nothing is written to disk by the skill itself. Low install risk.
Credentials
The skill declares no environment variables, no credentials, and no config paths. It does not request broad access to unrelated services or secrets.
Persistence & Privilege
always is false and model invocation is enabled (default). The skill does not request persistent system-wide changes or privileged presence.
What to consider before installing
This skill is logically consistent for reviewing UI files, but it fetches live rules from a raw GitHub URL each time — that remote file could be changed to alter agent behavior. Before installing or using it: (1) verify and trust the source URL; consider pinning to a specific commit (or supply the guidelines locally) instead of fetching a moving target; (2) inspect the fetched guidelines before running reviews to ensure they don't instruct unexpected network calls or sensitive operations; (3) avoid giving the skill patterns that point to sensitive system files or credentials — only provide project UI files for review; and (4) if you need a higher assurance, ask the maintainer to include the guidelines in the skill bundle or provide a verified checksum for the remote file.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97cd5vh53cx0ga537w0pk1rs183kzq3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎨 Clawdis

SKILL.md

Web Interface Guidelines

Review files for compliance with Web Interface Guidelines.

How It Works

  1. Fetch the latest guidelines from the source URL below
  2. Read the specified files (or prompt user for files/pattern)
  3. Check against all rules in the fetched guidelines
  4. Output findings in the terse file:line format

Guidelines Source

Fetch fresh guidelines before each review:

https://raw.githubusercontent.com/vercel-labs/web-interface-guidelines/main/command.md

Use WebFetch to retrieve the latest rules. The fetched content contains all the rules and output format instructions.

Usage

When a user provides a file or pattern argument:

  1. Fetch guidelines from the source URL above
  2. Read the specified files
  3. Apply all rules from the fetched guidelines
  4. Output findings using the format specified in the guidelines

If no files specified, ask the user which files to review.

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…