ui-debug-methodology
v1.0.0UI/前端问题调试方法论。当遇到 CSS、布局、组件行为等 UI 问题时,强制执行"先观察后动手"的调试流程,避免盲目尝试。
⭐ 0· 974·6 current·6 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The skill's name and description (UI/frontend debugging methodology) match the SKILL.md instructions. However, the document explicitly tells an AI agent to use Playwright to collect runtime data; the skill declares no required binaries or install steps. That mismatch is explainable (methodology can assume a debugging runtime) but worth noting because Playwright is not declared as a requirement.
Instruction Scope
Instructions stay within the stated purpose: observe DOM/state, understand mechanisms, isolate root cause, make minimal fixes, and verify. The included Playwright snippet shows how an agent can collect computed styles, outerHTML, visibility, and take screenshots — all relevant to debugging. The only scope concern is that screenshots and DOM captures can contain sensitive data; the instructions do not place restrictions on handling or transmitting collected artifacts.
Install Mechanism
There is no install spec (instruction-only skill), so nothing is written to disk by the skill itself. This is low-risk from an install mechanism perspective.
Credentials
The skill requests no environment variables or credentials, which is appropriate. But it implicitly expects runtime capabilities: a browser/Playwright environment and filesystem access (it saves screenshots to 'debug-before.png'). Confirm these capabilities exist and are acceptable in your agent environment before use.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify other skills/configuration. Autonomous invocation is allowed (platform default) but not in itself a red flag here.
Assessment
This skill is a coherent debugging methodology, but before using it confirm: (1) your agent runtime actually has Playwright or an equivalent browser automation tool available (the SKILL.md assumes it but does not declare it); (2) the agent is allowed to execute Playwright and write files (screenshots like 'debug-before.png') in the environment; (3) screenshots/DOM captures may contain sensitive data — decide where such artifacts are stored/transmitted and who can access them; (4) if you don't want the agent to run tooling autonomously, restrict the skill's invocation or test it in an isolated/dev environment first. If any of these are unacceptable, ask the skill author to declare required binaries and to add explicit data-handling rules.Like a lobster shell, security has layers — review code before you run it.
latestvk974by62wwzyenamwavfcesm9s820p67
License
MIT-0
Free to use, modify, and redistribute. No attribution required.