ClawHub

Equity

v2.0.0

Model cap tables, dilution scenarios, and vesting schedules for startups. Use when planning fundraising, pricing options, or tracking equity.

0· 167·0 current·0 all-time
by@bytesagain1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill's name/description (cap table, dilution, vesting modeling) aligns with a local CLI that records and exports entries. Required artifacts (no env vars, no binaries) are proportional. However, SKILL.md mentions an EQUITY_DIR environment variable and commands like 'list' and 'add' that the included script does not appear to implement/consume, indicating documentation and implementation drift.
Instruction Scope
Runtime instructions describe local-only operations and exporting to stdout/files. The shipped script follows that pattern (creates ~/.local/share/equity, logs inputs, exports json/csv/txt). The mismatch: SKILL.md suggests you can set EQUITY_DIR and lists certain commands (e.g., 'add', 'list') that are not present/handled in the script; this is scope/documentation inconsistency rather than malicious scope creep. The instructions do not direct data to external endpoints.
Install Mechanism
There is no install spec — the skill is instruction-only with a local shell script. Nothing is downloaded or extracted, which is the lowest install risk.
Credentials
The skill requests no environment variables or credentials. It stores data under the user's home directory by default. The SKILL.md mentions EQUITY_DIR but the script does not read it, so there is no unexpected credential or off-host access.
Persistence & Privilege
The skill writes files under ~/.local/share/equity and maintains history logs — expected for a local CLI that tracks entries. It does not request elevated system privileges, never sets always:true, and does not modify other skills or global agent settings.
Assessment
This skill appears to be a local-only CLI that writes logs and exports data under ~/.local/share/equity and does not contact external services or ask for credentials. Before installing: (1) review the full script (the provided file was truncated in the manifest — confirm the rest contains no network or credential code); (2) be aware all inputs you send to the tool are appended to plaintext log files in your home directory (sensitive data should be avoided); (3) note the docs mention an EQUITY_DIR env var and commands like 'add'/'list' which the script doesn't honor — if you need a custom data directory or those commands, request clarification or update the script; (4) run the script in a sandbox or with limited permissions if you want to verify behavior first.

Like a lobster shell, security has layers — review code before you run it.

latestvk9788t9xcyq274wa940d50kkf5834wg2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments