Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

UI/UX Design and Development

v1.0.0

Generate and serve live HTML/CSS/JS UI designs from natural language prompts. Use when the user asks to design, create, build, or prototype a website, landing page, UI, dashboard, web page, or frontend mockup. Also triggers on requests to update, tweak, or iterate on a previously generated design. Replaces traditional UI design + frontend dev workflow.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill claims to generate and serve HTML/CSS/JS prototypes — that legitimately can require a static web server (or headless browser for screenshots). However, the packaged scripts perform system-level operations (sudo, write /etc/nginx sites-available, enable site, reload nginx) and assume binaries (nginx, chromium, cwebp, numfmt) exist. The registry metadata declares no required binaries or credentials, so the amount and nature of system access is not reflected in the manifest.
Instruction Scope
SKILL.md instructs the agent to create project directories, read/write project.json, write configuration to TOOLS.md, run setup.sh (which edits system nginx config) and run screenshot/convert scripts. Writing to TOOLS.md could overwrite agent tooling/config files depending on environment. The instructions also demand frequent status messages and using the 'message tool' to send files. These file and system writes go beyond just producing local prototype files and grant the skill broad discretion over system state.
Install Mechanism
There is no formal install spec, but the included scripts will be executed. setup.sh uses sudo and modifies /etc/nginx, which requires root and can affect other services. screenshot.sh calls headless Chromium; convert-image.sh calls cwebp and numfmt. These are not declared as requirements and are high-friction operations (writing system configs, reloading services) — a non-trivial install/operation risk.
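The gap this finding describes, privileged operations and binaries that the scripts use but the registry metadata never declares, can be checked mechanically before anything is run. The script below is an added example written for this page; it is not ClawHub's scanner and contains no code from the skill. It builds a small sample bundle whose setup.sh, screenshot.sh and convert-image.sh are constructed to match the behaviour the scan describes (their exact contents are assumed), treats a one-binary-per-line manifest.txt as the declared dependency list (the file name is an assumption), and reports privileged lines, undeclared binaries, and which of those are absent on the current host.

```shell
#!/usr/bin/env sh
# Pre-install audit for a skill bundle (added example, not ClawHub's scanner and
# not the skill's own code). Flags privileged operations and binaries the scripts
# invoke but the manifest does not declare. Sample scripts and paths are constructed.

set -u

# Patterns that mean system-level side effects rather than local prototype files.
PRIV_PATTERNS='sudo|/etc/|/var/www|sites-enabled|sites-available|systemctl|service |nginx -s reload'

# Binaries the scan says the scripts assume exist.
WATCHED_BINS='nginx chromium chromium-browser cwebp numfmt stat'

# Print "<script>:<line>:<text>" for every privileged-looking line in a script.
privileged_lines() {
    grep -nE "$PRIV_PATTERNS" "$1" | sed "s|^|$(basename "$1"):|"
    return 0
}

# Print each watched binary a script invokes but the manifest (one name per line) does not list.
undeclared_bins() {
    script=$1; manifest=$2
    for b in $WATCHED_BINS; do
        if grep -qw -- "$b" "$script" && ! grep -qx -- "$b" "$manifest"; then
            echo "$b"
        fi
    done
}

# Print the given binaries that are not installed on this host.
missing_bins() {
    for b in "$@"; do
        command -v "$b" >/dev/null 2>&1 || echo "$b"
    done
}

# Report for a whole bundle; returns 1 if any script performs privileged operations,
# so it can gate an install step.
audit_skill() {
    dir=$1; manifest=$dir/manifest.txt; found=0
    for s in "$dir"/scripts/*.sh; do
        out=$(privileged_lines "$s")
        if [ -n "$out" ]; then echo "$out"; found=1; fi
    done
    undeclared=$(for s in "$dir"/scripts/*.sh; do undeclared_bins "$s" "$manifest"; done | sort -u | tr '\n' ' ')
    echo "undeclared binaries: $undeclared"
    echo "missing on this host: $(missing_bins $undeclared | tr '\n' ' ')"
    return $found
}

# Constructed bundle shaped like the one the scan describes (assumed contents).
make_sample_skill() {
    dir=$1
    mkdir -p "$dir/scripts"
    cat > "$dir/scripts/setup.sh" <<'EOF'
#!/bin/sh
sudo mkdir -p /var/www/ui-designer
sudo tee /etc/nginx/sites-available/ui-designer >/dev/null <<CONF
server { listen 8080; root /var/www/ui-designer; }
CONF
sudo ln -sf /etc/nginx/sites-available/ui-designer /etc/nginx/sites-enabled/ui-designer
sudo nginx -s reload
EOF
    cat > "$dir/scripts/screenshot.sh" <<'EOF'
#!/bin/sh
chromium --headless --screenshot="$2" "$1"
EOF
    cat > "$dir/scripts/convert-image.sh" <<'EOF'
#!/bin/sh
cwebp -q 80 "$1" -o "$2"
numfmt --to=iec "$(stat -c %s "$2")"
EOF
    : > "$dir/manifest.txt"   # registry metadata declares no binaries
}
```

Run `make_sample_skill /tmp/skill && audit_skill /tmp/skill` to see the report; swap the sample bundle for the downloaded skill directory to audit the real scripts. The pattern list is deliberately coarse: a grep-based check is a first filter that tells you where to read, not a substitute for reading setup.sh yourself.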
Credentials
The skill declares no required environment variables or credentials, but the runtime behavior implicitly requires elevated privileges (sudo) and existing system services/binaries. That mismatch is concerning: the skill may prompt for or rely on root access without declaring that need. No network credentials are requested and there are no obvious exfiltration endpoints in the scripts, but the lack of explicit dependency/declaration reduces transparency.
Persistence & Privilege
The manifest's always flag is false (normal), but setup.sh persists changes system-wide (nginx site config, files under /var/www/ui-designer). That grants the skill a lasting presence on the host and can affect other hosted sites. The skill does not explicitly modify other skills' configs, but writing to a global TOOLS.md (as instructed) and to system config files is persistent, high-privilege behavior that should be explicitly authorized.
What to consider before installing
This skill otherwise appears coherent for generating and previewing front-end prototypes, but the included scripts require root and several system binaries that are not declared. Before installing or running it:
- Inspect the scripts yourself. setup.sh will run sudo, create /var/www/ui-designer, write an nginx site file to /etc/nginx/sites-available, link it into sites-enabled, and reload nginx. This can overwrite or interfere with existing web sites and requires root. If you do not want system-wide changes, do not run setup.sh as-is.
- Ensure the required binaries are present, or run in an isolated environment: headless chromium (for screenshot.sh), cwebp (for convert-image.sh), numfmt and stat variants, and nginx. If any are missing, the scripts will fail.
- Prefer running the workflow inside a disposable VM or container, or change the serve_dir to a directory you control and avoid sudo, so the skill cannot modify the system nginx or other host services.
- Be cautious about TOOLS.md: SKILL.md tells the agent to save config there. Confirm what that file is in your environment so tool or agent config files are not overwritten.
- If you plan to let the skill run autonomously, impose stricter limits: remove sudo from setup.sh, expose a non-privileged serve directory (e.g. under your home directory), or provide a documented install step that an admin performs manually.
- Ask the publisher for a list of explicit prerequisites (packages and permissions), and for a version of setup.sh that runs without sudo or that only outputs the suggested nginx config for manual review and install.
What would change this assessment: an updated manifest declaring required binaries and permissions, a non-privileged setup mode (no sudo or system nginx modification), or explicit instructions to run setup only manually with admin review. Without those, the skill is suspicious because it performs undeclared privileged actions.
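The non-privileged setup mode the checklist asks for can be small. The function below is an added example written for this page, not the skill's own setup.sh and not code from the publisher: it creates a serve directory the current user owns, refuses system paths, and writes the suggested nginx server block next to it for an admin to review and install by hand, never calling sudo, writing under /etc or reloading nginx. The server-block contents, the default port, the loopback-only listen address and the nginx-site.conf file name are assumptions.

```shell
#!/usr/bin/env sh
# Non-privileged replacement for the skill's setup step (added example, not the
# skill's setup.sh). Prepares a user-owned serve directory and emits the suggested
# nginx site config for manual review; it never uses sudo, touches /etc or reloads nginx.
# Server-block shape, port and file names are assumptions for this example.

set -u

# setup_unprivileged [SERVE_DIR] [PORT]
# Creates SERVE_DIR (default $HOME/ui-designer), writes SERVE_DIR/nginx-site.conf and
# prints its path. Returns 1 without touching anything if SERVE_DIR is a system path.
setup_unprivileged() {
    serve_dir=${1:-"$HOME/ui-designer"}
    port=${2:-8080}
    case $serve_dir in
        /etc/*|/var/www/*|/usr/*|/srv/*)
            echo "refusing system path: $serve_dir" >&2
            return 1 ;;
    esac
    mkdir -p "$serve_dir" || return 1
    conf=$serve_dir/nginx-site.conf
    # Unquoted heredoc: $conf, $port and $serve_dir expand; \$uri stays literal for nginx.
    cat > "$conf" <<EOF
# Suggested nginx site for the UI prototype server. Review, then install manually:
#   sudo cp $conf /etc/nginx/sites-available/ui-designer
#   sudo ln -s /etc/nginx/sites-available/ui-designer /etc/nginx/sites-enabled/
#   sudo nginx -t && sudo systemctl reload nginx
server {
    listen 127.0.0.1:$port;
    server_name localhost;
    root $serve_dir;
    index index.html;
    location / { try_files \$uri \$uri/ =404; }
}
EOF
    echo "$conf"
}
```

Binding to 127.0.0.1 keeps a prototype server off the network by default; the admin can widen it deliberately when installing the config. Until nginx is configured, the prototypes in the serve directory can be previewed with any static file server run as the same user (for example `python3 -m http.server` from inside the directory), which is an alternative this page does not mention and is assumed here.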
