ClawHub

Pywayne Visualization Rerun Utils

v0.1.0

Static 3D visualization utilities wrapping Rerun SDK for adding point clouds, trajectories, cameras, planes, and chessboards. Use when visualizing 3D data in...

0· 486·2 current·2 all-time
by@wangyendt
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name and description match the SKILL.md content: helpers for adding point clouds, cameras, planes, etc., to a Rerun viewer. The declared needs (Rerun SDK) are coherent with the stated purpose.
Instruction Scope
Instructions are narrowly scoped to visualization tasks (calling rr.init, static add_* methods, data formats). They do not request unrelated files, credentials, or system-wide configuration. However, SKILL.md says the Rerun SDK is 'auto-downloaded via gettool' — that is an operational detail that can cause external package installation and should be clarified (which package name, version, and source).
Install Mechanism
There is no declared install spec; the SKILL.md relies on a platform helper ('gettool') to auto-download the Rerun SDK. That is plausible for this purpose but leaves the install source/verification unspecified (no package name/version or trusted release host). This is a moderate procedural risk to confirm before installation.
Credentials
The skill declares no required environment variables, credentials, or config paths and the instructions do not reference secrets or unrelated environment data. The requested privileges are proportionate to a visualization utility.
Persistence & Privilege
always is false and the skill does not request persistent system-wide changes or cross-skill configuration. Autonomous invocation is allowed by default (normal for skills) but does not combine here with other concerning privileges.
Assessment
This skill appears to do what it says: helper functions for Rerun visualization. Before installing or allowing the agent to auto-install dependencies, verify the Rerun SDK source: ask for the exact package name and version and confirm it comes from an official/known distribution (PyPI/GitHub releases). If possible, run the install in a sandboxed environment first. Also confirm what your platform's 'gettool' does (which registry it pulls from and whether it can run arbitrary install scripts). If you need stronger assurance, request the skill author to include a concrete install spec (package name/version and checksum or GitHub release URL) so you can validate the dependency prior to installation.

Like a lobster shell, security has layers — review code before you run it.

latestvk9761e62zqsg58a1m4jyhspnb581dfjt

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments