ClawHub

test

v1.0.0

Verify technical accuracy of JavaScript concept pages by checking code examples, MDN/ECMAScript compliance, and external resources to prevent misinformation

0· 63·0 current·0 all-time
by@thulof
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (JavaScript fact-checking) align with the SKILL.md instructions (check code examples, MDN, ECMAScript spec, run tests). However, the instructions assume access to the project repository and the ability to run npm tests even though no required binaries, config paths, or repo access are declared in the metadata.
Instruction Scope
Instructions are focused on verifying code blocks, MDN links, tests, and spec references. They do not request unrelated system files or unrelated credentials. They do direct the agent to read project files and run tests, and to fetch external docs (MDN, spec), which is consistent with the stated purpose.
Install Mechanism
No install spec is provided (instruction-only). This minimizes disk/installation risk.
Credentials
No environment variables or credentials are requested, which is appropriate. But the skill implicitly requires access to the repository files and runtime tools (node/npm) and outbound network access to MDN/CanIUse/tc39 — these are not declared in metadata and should be documented.
Persistence & Privilege
The skill does not request persistent/always-enabled presence and does not modify other skills or global agent configuration. Autonomous invocation is allowed by default, which is normal.
Assessment
This skill appears to do what it says: read concept pages, run tests, and verify MDN/spec links. Before installing, confirm where the skill will run and that it has safe access to the repository (it expects /tests/... and to run `npm test`). Consider asking the publisher to: (1) declare required binaries (node, npm) in metadata, (2) document required filesystem scope (which repo/path the skill will read), and (3) state whether network access to MDN/CanIUse/tc39 is required. Because the skill runs code and tests, avoid running it on high-value or sensitive systems until you trust the repository and tests (malicious or buggy tests could run arbitrary code).

Like a lobster shell, security has layers — review code before you run it.

latestvk970xyr7mgvfk77t25ehgv3x2183mth7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments