ClawHub

Wakatime Lite

v2.0.3

Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Wakatime Lite concepts, best practices, and implementation patterns.

0· 115·0 current·0 all-time
by@bytesagain1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the contents. The SKILL.md promises a reference/cheat-sheet and the included scripts produce static documentation via heredoc. There are no unrelated binaries, credentials, or config paths required.
Instruction Scope
SKILL.md explicitly states no external API calls or credentials and the script implements only local heredoc outputs. Minor, non-security issues: the quickstart text generically mentions 'Required tools and access credentials' (likely a template artifact) and the script's internal VERSION (2.0.2) differs from the SKILL.md version (2.0.3). Neither changes the runtime behavior, but they are small inconsistencies worth noting.
Install Mechanism
No install spec is provided (instruction-only), so nothing is downloaded or written to disk by an installer. A script file is included but it contains only static output logic and no network or exec of untrusted code.
Credentials
The skill declares no required environment variables, no primary credential, and the code does not read env vars or secret-like values. Requested access is proportionate to a local reference tool.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify other skill/system configurations. It does not attempt to persist credentials or change agent-wide settings.
Assessment
This appears to be a low-risk, read-only reference skill. If you plan to install it, note the minor documentation inconsistencies (version mismatch and a generic mention of 'access credentials' in the quickstart). Before allowing any agent to execute the included script, you may want to: (1) preview the script (it's short and human-readable) to confirm it only prints text, (2) avoid granting the agent network or elevated filesystem permissions unless needed, and (3) treat it as a local reference tool — there are no hidden endpoints or credential requirements. If you require absolute assurance, run the script in an isolated environment to observe behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk9776v55b6gk8bdsbcg7az09nd83ga7v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments