ClawHub

Skill Studio

v1.0.1

Create, validate, and publish OpenClaw Skills through conversation. Use when user wants to create a new skill, build a ClawHub plugin, generate SKILL.md, or...

0· 103·0 current·0 all-time
by@tobewin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (create, validate, publish skills) align with required binaries (curl, python3, npm) and the declared OPENCLAW_WORKSPACE. curl is reasonable for API checks or examples, python3 for the validation script, and npm for the ClawHub CLI referenced in the publish guide. Only minor oddity: OPENCLAW_WORKSPACE is declared as the primaryEnv even though it is a workspace path (not a secret credential).
Instruction Scope
SKILL.md instructs the agent to read and validate SKILL.md files under the OPENCLAW_WORKSPACE and includes an auto-validation script and 'one-click fix' behavior. Reading and editing files in a user workspace is coherent for this tool, but it means the agent will access (and potentially modify) arbitrary files under the workspace path — users should review generated fixes before applying or publishing. The instructions do not embed hidden network endpoints or curl|bash install pipelines; the references explicitly warn against remote 'curl | bash' patterns.
Install Mechanism
This is an instruction-only skill with no install spec or remote downloads. The included references suggest installing the ClawHub CLI via npm (user-driven), which is expected. There are no obscure download URLs or archive extracts in the skill bundle.
Credentials
The only required env var is OPENCLAW_WORKSPACE, which is appropriate for a tool that reads/writes skill files. It does not request secrets by default. However, the skill's workflow can prompt users to declare API_KEY-type env vars for the skills they create, and the publish guide instructs using ClawHub tokens for publishing — so users may end up providing tokens when they actually publish. Also note the minor mismatch of marking a workspace path as the 'primaryEnv'.
Persistence & Privilege
The skill is not 'always' enabled and uses normal model invocation. It does not request system-wide configuration changes or privileges, and there is no evidence it modifies other skills' configs. Its ability to read/write files is expected for an authoring tool but is limited to the workspace the user points to.
Scan Findings in Context
[instruction-only-no-code-files] expected: The static scanner found no code files or regex matches because the skill is instruction-only; this is expected for a skill that provides templates and guidance rather than executable code.
Assessment
This skill appears to do what it says, but please take these precautions before installing or using it: 1) Set OPENCLAW_WORKSPACE to a dedicated directory you control (so the agent only reads/writes files you expect). 2) Review any generated SKILL.md and any 'auto-fix' edits before applying them — the agent can edit files in that workspace. 3) Publishing requires the ClawHub CLI and a ClawHub token; only supply those tokens when you intend to publish and store them securely. 4) Watch for any commands the agent asks you to run (npm installs, clawhub publish, or curl commands); avoid running piped remote-install commands (curl | bash). 5) Consider renaming the primaryEnv metadata if you want to avoid marking a workspace path as a 'credential'.

Like a lobster shell, security has layers — review code before you run it.

latestvk974s70tt2j8tbbpzmgpqzft8983fntg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎨 Clawdis
Binscurl, python3, npm
EnvOPENCLAW_WORKSPACE
Primary envOPENCLAW_WORKSPACE

Comments