ClawHub

Mathbox

v2.0.3

Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Mathbox concepts, best practices, and implementation patterns.

0· 115·0 current·0 all-time
by@bytesagain1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Mathbox reference for devtools) align with the provided assets: an instruction-only SKILL.md and a local shell script that emit reference text. There are no unexpected required binaries, env vars, or external services listed.
Instruction Scope
SKILL.md states all commands output plain-text via heredoc with no external API calls; scripts/script.sh implements those commands and prints documentation. Minor inconsistencies: SKILL.md lists version 2.0.3 while the script sets VERSION="2.0.2"; the help heredoc is single-quoted so it will show the literal string "$VERSION" rather than expanding it. These are correctness/quality issues, not signs of malicious behavior.
Install Mechanism
No install spec is provided (instruction-only), and the included shell script is self-contained. Nothing is downloaded or written to disk at install time by an installer—lowest-risk pattern.
Credentials
The skill declares no required environment variables, credentials, or config paths; the script does not read environment variables or credentials. No disproportionate access is requested.
Persistence & Privilege
The skill is not always-enabled and does not request persistent or elevated privileges. It does not modify other skills or global agent configuration; it merely provides a local CLI-style reference implementation.
Assessment
This skill appears to be a straightforward, local reference tool and does not request keys or network access. You can safely review the SKILL.md and scripts/script.sh (already included) before enabling. Note the small quality issues (version mismatch and help output showing "$VERSION"), which are harmless but suggest the author should update the script. As with any third-party script, if you plan to execute it on a production host, consider running it in a sandbox or reviewing the file contents first.

Like a lobster shell, security has layers — review code before you run it.

latestvk979ajcdt85s840nb7bjmem4cs83hvrq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments