Ux Researcher Designer
v2.1.1UX research and design toolkit for Senior UX Designer/Researcher including data-driven persona generation, journey mapping, usability testing frameworks, and...
⭐ 4· 2.1k·12 current·13 all-time
byAlireza Rezvani@alirezarezvani
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (persona generation, journey mapping, usability testing) match the included assets: SKILL.md, multiple reference guides, example outputs, and a persona_generator.py script. There are no unrelated environment variables, binaries, or config paths requested.
Instruction Scope
SKILL.md instructs the agent to prepare JSON research data, run the included persona_generator.py, and follow standard UX workflows (validate with users, cross-check analytics/support). It does not instruct reading unrelated system files, using external endpoints, or accessing credentials beyond the provided data input.
Install Mechanism
No install spec (instruction-only), which is low-risk. The package does include an executable Python script (scripts/persona_generator.py) that the instructions tell the user/agent to run locally. The provided snippet appears to process input locally (no obvious network or credential libraries), but running any shipped script executes code on the host — review full script before execution.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. This is proportionate to its UX research/design purpose.
Persistence & Privilege
always:false (default), user-invocable, and no instructions to modify agent/system-wide settings. Autonomous invocation is allowed by platform default but the skill does not request elevated persistence or cross-skill config writes.
Assessment
This skill appears coherent and matches its UX research purpose, but follow these precautions before using it:
- Review the full scripts/persona_generator.py source to ensure there are no unexpected network calls, subprocess executions, or paths that read sensitive files. The provided snippet looks like local data processing, but the file is truncated in the package listing.
- Run the script in a sandbox or VM the first time (or with synthetic/anonymized data) to confirm behavior before feeding real user data or PII.
- Check the CLI entry point (main) to see how it accepts input and writes output; ensure outputs don't accidentally embed raw PII or credentials.
- If you plan to integrate JSON output into other tools, validate the output schema and sanitize any fields that may contain sensitive user identifiers.
If you want, I can scan the remainder of the persona_generator.py file for network/subprocess imports and risky patterns or summarize exactly what the script will read/write when invoked.Like a lobster shell, security has layers — review code before you run it.
latestvk972b21azpxmhrwwmak9xv19ks82jm6p
License
MIT-0
Free to use, modify, and redistribute. No attribution required.