ClawHub

Front End Dev

v1.0.0

Create distinctive, production-grade static sites with React, Tailwind CSS, and shadcn/ui — no mockups needed. Generates bold, memorable designs from plain t...

2· 426·5 current·5 all-time
byTyler Snyder@tysnyder
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (frontend design scaffolding) match the provided files: design references, templates, and init scripts for Vite/Next.js. Requiring node and npm is reasonable for this functionality.
Instruction Scope
SKILL.md and README instruct the agent (and user) to generate sites, pick a design direction, and run provided shell scripts. The instructions do not ask to read unrelated system files, harvest credentials, or send data to unknown endpoints.
Install Mechanism
The skill is instruction-only (no platform install spec), but the provided shell scripts call npm/npx to download packages (shadcn CLI, parcel, html-inline, etc.). This is expected for project scaffolding but means running the scripts will fetch and execute third‑party packages from the npm registry — review before running.
Credentials
No environment variables or credentials are requested. The scripts reference only node/npm and local filesystem paths, which is proportionate to a scaffolding tool.
Persistence & Privilege
Skill is user-invocable, not always-enabled, and does not request persistent privileges or attempt to modify other skills or global agent configuration.
Assessment
This skill appears to do what it says: scaffolding and design guidance plus scripts to create Vite/Next projects. Before running any scripts (bash scripts/init-*.sh, bundle-artifact.sh): 1) inspect the scripts (they create files and run npm/npx commands), 2) be aware npm/npx will download and run third-party packages — run in an isolated/dev environment if you don't trust those packages, 3) if you plan to deploy (vercel), do not paste tokens/credentials into the generated templates unless you trust the target, and 4) if you want extra safety, manually copy only the templates and components you need rather than running automated installers.

Like a lobster shell, security has layers — review code before you run it.

latestvk9743s8w3wtvq266q6hrry6jh182bdq5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎨 Clawdis
Binsnode, npm

Comments