ClawHub

Pywayne Maths

v0.1.0

Mathematical utility functions for factorization, digit counting, and large integer multiplication using Karatsuba algorithm. Use when solving number theory...

0· 572·0 current·0 all-time
by@wangyendt
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill claims to expose Python functions (pywayne.maths.get_all_factors, digitCount, karatsuba_multiplication) but the bundle contains no code files and no install spec. For the skill to work, the runtime must already have a package named pywayne (or similar) installed — not stated. That mismatch (documented API vs no shipped implementation or install guidance) is incoherent.
Instruction Scope
SKILL.md only shows import statements and usage examples; it does not instruct the agent to read system files, environment variables, or external endpoints. However, it implicitly assumes the module exists in the environment; the lack of instruction about how to obtain it is an important omission.
Install Mechanism
No install spec is provided (instruction-only). This is low immediate disk/write risk, but because the skill requires a Python module that isn't included, an agent or user might attempt to pip-install a package from PyPI or another source — introducing supply-chain risk if that occurs without vetting.
Credentials
No environment variables, credentials, or config paths are requested. The declared environment/credential footprint is minimal and appropriate for a pure mathematical utility.
Persistence & Privilege
Skill does not request always:true, does not modify other skills, and contains no installation scripts. It has no elevated persistence or privileges as published.
What to consider before installing
This skill documents a Python library but ships no code and gives no install instructions. Before installing or enabling it, ask the publisher for the source code or a clear, trusted install method (e.g., a GitHub repo or an official PyPI package name and version). Do not allow an agent to auto-install an unknown PyPI package without vetting — that is a supply-chain risk. If you need these functions now, prefer a skill that includes its implementation or points to a verifiable upstream source. If you proceed, verify the package source, check the code for malicious behavior, and avoid providing any credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk976v0sm5ecc0jpk4fex8mbt7n819v1r

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments