ClawHub

Open Source License

v1.0.0

Open Source License guidance, selection, compliance review, and drafting. Use this skill when users ask about choosing open source licenses, checking license...

1· 45·0 current·0 all-time
byXudong Guo@sunny0826
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name and description (license selection, comparison, compliance review, drafting) match the included files and runtime instructions. It requests no binaries, no environment variables, and no installs, which is proportionate for a documentation-and-template skill. Minor metadata mismatch: the registry entry lists Source: unknown and no homepage, but SKILL.md contains homepage and repository fields pointing to skala.io / github; this is likely a packaging/registry metadata omission rather than functionality risk.
Instruction Scope
SKILL.md instructs the agent to read bundled reference files and, for compliance reviews, to "identify all licenses in the project" and check compatibility. That scope is appropriate for the described capability, but it implies the agent will need to access the user's project files (or have the user paste repo contents). The skill does not instruct reading unrelated system files or secrets, nor does it call external endpoints beyond linking to canonical license sources.
Install Mechanism
There is no install spec and no code files that execute; the skill is instruction-only with static reference documents and templates. This is the lowest-risk install mechanism.
Credentials
The skill requires no environment variables, credentials, or config paths. Templates and guidance are self-contained; requests for access to project files during a compliance review are reasonable and proportional to the stated purpose.
Persistence & Privilege
always:false and default autonomous-invocation settings are used. The skill does not request persistent elevated privileges or modify other skills. There are no indications it would persist secrets or reconfigure the agent.
Assessment
This skill appears coherent and low-risk: it is a documentation/template skill for license selection, compliance checks, and generating LICENSE/NOTICE/headers. It does not request credentials or install code. Before using it for a compliance review, be aware the agent will need access to your repository files (or you will need to paste them) so it can "identify all licenses in the project." The skill includes canonical license texts (including Mulan PSL v2); follow its rule to use canonical texts and consult a licensed attorney for legal advice or complex/commercial situations. Also note the minor metadata mismatch (registry shows no homepage while SKILL.md lists one) — this is informational and not a functional concern.

Like a lobster shell, security has layers — review code before you run it.

latestvk971ybvfffzgt6c5wmgmecw2x183ygw5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments