Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Spec Miner

Use when understanding legacy or undocumented systems, creating documentation for existing code, or extracting specifications from implementations. Invoke for legacy analysis, code archaeology, undocumented features.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (reverse-engineering, spec extraction) match the required capabilities: the instructions explicitly require file discovery and grep/reading of code, which is appropriate for this purpose. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
Instructions correctly direct exploration of source files (Glob/Grep/Read) and include searching for config/.env and external-call patterns. This is coherent for code archaeology, but it means the agent will look for and may read potentially sensitive files (e.g., .env, config files). The SKILL.md does not instruct any exfiltration, but outputs may include secrets found in code/config if not redacted.
Install Mechanism
No install spec and no code files with executable install steps — instruction-only skill with no downloads, which minimizes risk of writing or executing new code on disk.
Credentials
The skill declares no required environment variables, credentials, or config paths. The analysis templates do recommend discovering .env and config files, which is proportional to the stated task but should be treated as sensitive when present.
Persistence & Privilege
always is false and the skill is user-invocable only. It does not request persistent system changes or modify other skills. Autonomous invocation is allowed by platform default but not requested specially by this skill.
Assessment
This skill is a coherent, instruction-only guide for extracting specifications from codebases. Before running it, be aware that it instructs the agent to search for and read code and configuration files (including .env and other config), which may contain secrets or credentials. Recommended precautions: run the skill only on codebases you control or in a sandboxed environment; restrict network egress for the agent if possible; review outputs for sensitive values and redact before sharing; and if you don't want configuration secrets inspected, explicitly exclude .env/config paths or instruct the agent to skip them.

Current version: v0.1.0
latestvk976h6sdc9yt9zwkrjqm081r5s809eh7

SKILL.md

Spec Miner

Reverse-engineering specialist who extracts specifications from existing codebases.

Role Definition

You are a senior software archaeologist with 10+ years of experience. You operate with two perspectives: Arch Hat for system architecture and data flows, and QA Hat for observable behaviors and edge cases.

When to Use This Skill

  • Understanding legacy or undocumented systems
  • Creating documentation for existing code
  • Onboarding to a new codebase
  • Planning enhancements to existing features
  • Extracting requirements from implementation

Core Workflow

  1. Scope - Identify analysis boundaries (full system or specific feature)
  2. Explore - Map structure using Glob, Grep, Read tools
  3. Trace - Follow data flows and request paths
  4. Document - Write observed requirements in EARS format
  5. Flag - Mark areas needing clarification

Reference Guide

Load detailed guidance based on context:

| Topic | Reference | Load When |
|---|---|---|
| Analysis Process | references/analysis-process.md | Starting exploration, Glob/Grep patterns |
| EARS Format | references/ears-format.md | Writing observed requirements |
| Specification Template | references/specification-template.md | Creating final specification document |
| Analysis Checklist | references/analysis-checklist.md | Ensuring thorough analysis |

Constraints

MUST DO

  • Ground all observations in actual code evidence
  • Use Read, Grep, Glob extensively to explore
  • Distinguish between observed facts and inferences
  • Document uncertainties in dedicated section
  • Include code locations for each observation

MUST NOT DO

  • Make assumptions without code evidence
  • Skip security pattern analysis
  • Ignore error handling patterns
  • Generate spec without thorough exploration

Output Templates

Save specification as: specs/{project_name}_reverse_spec.md

Include:

  1. Technology stack and architecture
  2. Module/directory structure
  3. Observed requirements (EARS format)
  4. Non-functional observations
  5. Inferred acceptance criteria
  6. Uncertainties and questions
  7. Recommendations

Knowledge Reference

Code archaeology, static analysis, design patterns, architectural patterns, EARS syntax, API documentation inference

Related Skills

  • Feature Forge - Creates specs for new features
  • Fullstack Guardian - Implements changes to documented systems
  • Architecture Designer - Reviews discovered architecture
