ClawHub

ClawHub Release Operator

v1.1.1

Run ClawHub skill release workflows with clear safety gates. Use for publish, inspect, update, sync, and failure recovery with command-first steps, explicit...

14· 4.6k·45 current·47 all-time
byVasiliy@vassiliylakhonin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, declared requirement (the 'clawhub' CLI), and the SKILL.md workflows all match: this skill is explicitly a ClawHub release operator and only needs the clawhub binary. Minor inconsistency: registry metadata/version in the package header (1.1.1) does not match _meta.json (1.0.8). This looks like a bookkeeping/versioning mismatch, not an operational risk, but you may want to confirm the published version.
Instruction Scope
SKILL.md contains concrete, command-first steps limited to clawhub commands (whoami, inspect, publish, update, sync, etc.). It does not instruct reading unrelated system files, exporting data to external endpoints, or accessing environment variables beyond the normal ClawHub login session. Note: the workflows include write operations (publish/update/sync) which will change remote registry state when run.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is downloaded or written by the skill itself. This is the lowest-risk install model.
Credentials
No environment variables or credentials are declared. SKILL.md correctly states that a valid ClawHub login session is required for write actions; that is proportional to the stated purpose.
Persistence & Privilege
always is false and the skill is user-invocable. disable-model-invocation is false (the platform default). The skill does not request persistent or elevated platform privileges beyond normal agent invocation. Because the skill's actions are CLI write commands, users should ensure they want the agent to be able to run such commands autonomously.
Assessment
This skill appears to be what it says: a set of concrete CLI workflows for the ClawHub tool. Before installing/using it, verify you have the official clawhub CLI from a trusted source, and confirm which local directory and slug the commands will act on (publish runs from the current directory). The SKILL.md includes write operations (publish, update, sync) that will modify remote registry state — use the recommended preflight checks and --dry-run before any write. Note the small metadata/version mismatch between the package header and _meta.json; ask the publisher to confirm the intended version if that matters to you. If you do not want the agent to run potentially destructive commands autonomously, require manual confirmation or disable autonomous invocation for this skill.

Like a lobster shell, security has layers — review code before you run it.

inspectvk97c9a2210s40ecnaqm52phnvn850y5glatestvk97c9a2210s40ecnaqm52phnvn850y5gpublishvk97c9a2210s40ecnaqm52phnvn850y5gsyncvk97c9a2210s40ecnaqm52phnvn850y5g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🦞 Clawdis
OSLinux · macOS · Windows
Binsclawhub

Comments