ClawHub

Skill Architect

v1.0.0

Design and create new AI skills with the right internal structure — not just correct formatting. Works with any AI coding tool (Claude Code, Google Antigravi...

0· 74·2 current·2 all-time
by@vincent-hq
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (designing skill structure and scaffolding SKILL.md) align with the included files (SKILL.md, pattern references, templates). It does not ask for unrelated credentials or binaries and the templates/reference material explain the claimed capabilities.
Instruction Scope
SKILL.md and the reference templates only instruct the agent how to interview users, select design patterns, and scaffold skill files. They do not ask the agent to read unrelated system files, access environment variables, or transmit data to external endpoints. Installation instructions in README are normal copy/clone steps for making the skill available to various agents.
Install Mechanism
There is no registry install spec in the package (instruction-only), which is low risk. The README suggests cloning a third-party GitHub repo or running an `npx` command to install — those are external actions the user would perform outside the agent. Cloning or running arbitrary npm packages is standard but requires trusting the external repo; this is a user-side consideration rather than a contradiction in the skill itself.
Credentials
The skill declares no required environment variables, binaries, or config paths and its runtime instructions do not reference secrets. There are no disproportionate credential requests.
Persistence & Privilege
The skill does not request always:true or elevated privileges. README suggests optional global installation (copying files into user agent config directories) which is conventional for agent rules; prefer installing per-project if you want to limit scope.
Assessment
This skill is instruction-only and the files included match its description. Before installing: (1) Inspect the repository owner (vincent-hq / the GitHub URL referenced) and confirm you trust it before running `npx` or cloning globally; (2) Prefer a project-local install rather than copying templates into global agent config directories if you want to limit persistence; (3) Read the provided templates and SKILL.md to ensure the generated scaffolds meet your security/privacy needs; (4) The skill does not request secrets or access to other skills, but avoid executing any additional install commands (npm, scripts, or binaries) from untrusted sources without review.

Like a lobster shell, security has layers — review code before you run it.

latestvk97012va0cn9409jt20887q4as83d09t

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments