Project Narrator

v1.1.0

Generate, audit, and maintain a PROJECT-NARRATIVE.md file — a single-source-of-truth document that captures your entire project's architecture, decisions, in...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the behavior: the Python scripts scan the workspace, read package/config files, inspect git history, and produce/audit a narrative. The declared requirements (none) align with the code — scripts use only stdlib and rely on local filesystem/git. No unrelated credentials, binaries, or install steps are requested.
Instruction Scope
SKILL.md instructs the agent to scan the codebase, run the included scripts, and run git commands; this matches the scripts. A few instructions can broaden the agent's reach: (1) document credential/ID locations (explicitly without secrets) and (2) optionally check OpenClaw cron jobs and run --check-urls in the audit script. These steps can reveal where secrets are stored (paths/names) and cause outbound network requests if --check-urls is used. The instructions otherwise avoid blind rewriting and require user review before fixes.
Install Mechanism
There is no install spec and the included Python scripts use only the standard library. Nothing is downloaded or extracted from external URLs and no package managers are invoked by the skill during install.
Credentials
The skill does not request environment variables or credentials. It legitimately needs filesystem and git access to function. Caveats: (1) it parses .env.example (not .env) but SKILL.md asks the agent to record where credentials/IDs are stored (not their values) — this may reveal paths where secrets live; (2) the audit script has an optional URL-checking mode that will perform outbound HTTP(S) requests to URLs referenced in the narrative. Both behaviors are plausible for the stated purpose but are worth awareness.
Persistence & Privilege
The skill's "always" setting is false and model invocation is allowed (the platform default). The skill does not request permanent system-wide presence or attempt to modify other skills' configs. No privileged persistence behaviors are present in the files.
Scan Findings in Context
[subprocess-run] expected: generate.py uses subprocess.run via run_cmd to call git (git remote, git log, branch) which is expected for gathering repo metadata. The script restricts calls to diagnostic commands and handles failures.
[urllib-request] expected: audit.py uses urllib.request to optionally check URLs when run with --check-urls. This is an explicit optional behavior to validate external links referenced in the narrative.
[filesystem-read] expected: Both scripts read many files (package.json, pyproject.toml, .env.example, scripts/, infra files). Filesystem access is central to the skill's purpose; scripts avoid trying to read actual secret values (they parse .env.example and document locations rather than values).
Assessment
This skill appears to do what it says: scan a repository, generate a narrative scaffold, and audit it. Before installing or running it:
1) Review the included scripts (they are small and stdlib-only) and run them locally in a safe environment (not a machine with broad network access to sensitive internal services).
2) Avoid running the audit with --check-urls if you don't want the tool to probe URLs referenced in your docs (it will make outbound HTTP requests).
3) Be aware the tool will note where credentials/IDs are stored (paths/names) but not their values; if you don't want those paths documented, remove or sanitize them before running.
4) The tool needs read access to the repo and to run git commands; don't run it with elevated privileges or in environments containing secrets you don't want scanned.
If you want higher assurance, run the scripts on a clone of the repo with secrets removed or in an isolated environment.
