ClawHub

Uxc Skill Creator

v1.0.0

Create wrapper skills that call remote tools through UXC. Use when defining a new provider skill and you need reusable templates, validation rules, and anti-...

0· 300·2 current·2 all-time
by@jolestar
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the contents: templates, anti-patterns, workflow and a validation script are exactly what you'd expect from a skill that helps authors build uxc-based wrapper skills. There are no unrelated env vars, binaries, or install steps requested.
Instruction Scope
The SKILL.md explicitly instructs the agent/author to perform web searches and probe user-provided endpoints (e.g., `uxc <endpoint> -h`) and to run local binding checks (`uxc auth binding match <endpoint>`). This behavior is coherent with the stated purpose (discovering protocol/auth), but it does involve active network probing and checks of local auth bindings — the user should expect those network and local-auth interactions and review any generated commands before executing them.
Install Mechanism
No install spec and no archive downloads — the skill is instruction-only and ships only text and a validation script. That is the lowest-risk install mechanism for this purpose.
Credentials
The skill requests no environment variables or credentials, which is appropriate. One minor inconsistency: the runtime docs and scripts assume `uxc` is available and the validate script requires `rg` (ripgrep), but the skill metadata's 'required binaries' list is empty — this is not dangerous but you should ensure those tools exist in your environment before using the validation flow.
Persistence & Privilege
The skill is not marked always:true and does not request persistent privileges or modify other skills' configs. It mainly generates documentation and a validation script; normal autonomy (model invocation allowed) is appropriate here.
Assessment
This skill appears coherent and is intended as a developer toolkit for authoring uxc wrapper skills. Before using it: (1) ensure you or your agent are comfortable with the skill performing web searches and probing the endpoints you supply (these probes are necessary to discover protocol/auth but will send requests to the target host); (2) confirm `uxc` is installed and available to any agent or user running the generated commands; (3) install ripgrep (`rg`) if you will run the provided validate.sh locally; (4) review any generated SKILL.md and any proposed `uxc link` or auth-binding commands before executing them, especially against private or production endpoints; and (5) if you need higher assurance, ask the publisher for a homepage or source repository so you can review provenance and history.

Like a lobster shell, security has layers — review code before you run it.

latestvk970wmxwbhz84jjzzm5tb61keh826tb2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments