Developer Essentials
PassAudited by ClawScan on May 16, 2026.
Overview
This is an instruction-only developer cheatsheet; it includes powerful command examples, but they are disclosed and aligned with the skill’s purpose.
This skill appears safe as a reference guide, but its examples include commands that can delete data or modify services. Read each command carefully, replace placeholders deliberately, and avoid pasting real secrets directly into terminals or shared logs.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If copied without understanding, some commands could remove files, discard work, or change running infrastructure.
The skill provides copy-paste command examples that can delete or mutate local files, Git history, Docker resources, and Kubernetes resources.
git reset --hard HEAD~1 # Destroy last commit ... docker system prune -a # Remove all unused ... kubectl delete -f manifest.yaml ... rm -rf dir
Treat the commands as examples only; confirm the target repository, container, cluster, namespace, and file path before running any destructive command.
A real bearer token grants access to the relevant API, so using it in commands should be done carefully.
The curl cheatsheet shows a standard placeholder for API authorization. There is no evidence the skill collects, stores, or transmits a real token, but users may substitute their own credentials.
-H "Authorization: Bearer token"
Avoid sharing commands containing real tokens, and prefer environment variables or secret managers instead of pasting tokens directly into shell history.