ClawHub

Mychef

v2.0.3

Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Mychef concepts, best practices, and implementation patterns.

0· 115·0 current·0 all-time
by@bytesagain1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Mychef reference for devtools) matches the provided SKILL.md and the included script: both produce plain-text reference documentation. The only minor mismatch is metadata: registry version is 2.0.3 while the script sets VERSION="2.0.2" — a cosmetic inconsistency, not a security issue.
Instruction Scope
SKILL.md explicitly states the commands output heredoc text with no external API calls; scripts/script.sh only prints local heredoc content and uses no network, credentials, or reads arbitrary system paths. No scope creep detected.
Install Mechanism
There is no install specification (instruction-only skill). A single shell script is included but nothing in the bundle downloads or executes remote code during install.
Credentials
The skill declares no required environment variables, no primary credential, and the script does not read environment variables or credentials. No disproportionate secrets or config access requested.
Persistence & Privilege
always is false and the skill is user-invocable. It does not attempt to modify agent/system configurations or request permanent presence.
Assessment
This skill appears to be a harmless local reference tool: it includes a shell script that prints documentation and does not perform network calls or request credentials. Before installing or running, you may want to: (1) review the script (scripts/script.sh) yourself — it is short and readable; (2) note the minor version mismatch (metadata 2.0.3 vs script VERSION 2.0.2) and a small help-text substitution bug (the help heredoc is single-quoted so $VERSION won't expand) — both are non-malicious; and (3) as with any skill that contains executable scripts, only enable it in environments where running simple shell tools is acceptable. Overall risk is low.

Like a lobster shell, security has layers — review code before you run it.

latestvk974131mthctfc9y885jxs85gn83g7d8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments