ClawHub

Java Spring Boot

v1.0.0

Build production Spring Boot applications - REST APIs, Security, Data, Actuator

0· 91·2 current·2 all-time
bynacy@watermelon11
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Spring Boot development) align with included files (detailed SKILL.md, guidance, patterns, config schema) and the small validation script. There are no unrelated credentials, binaries, or install steps.
Instruction Scope
SKILL.md is documentation and examples for building Spring Boot apps and does not instruct reading sensitive system paths or env vars. It does list allowed-tools including Read, Write, and Bash — reasonable for a coding/authoring skill but means an agent using this skill could read/write project files or run shell commands. The documentation example suggests analyzing the current implementation, which implies access to workspace files; this is expected but worth noting.
Install Mechanism
No install spec is present (instruction-only plus small scripts). No downloads or external installers — low installation risk.
Credentials
The skill requests no environment variables or credentials. The contained code and docs do not reference hidden secrets or unrelated services.
Persistence & Privilege
always is false and the skill does not request system-wide persistence or modify other skills. Autonomous invocation is allowed by default but not combined with any elevated privileges here.
Assessment
This skill appears coherent and light-weight: it provides docs, patterns, a config schema, and a local validation script. It does not ask for credentials or install external code. However, because it declares tooling permissions (Read, Write, Bash), an agent using the skill could read or modify files in your project workspace or run shell commands; only install/use it from authors you trust and avoid giving it access to sensitive directories. If you need stricter limits, ask for a version that omits Bash/write permissions or review/ sandbox its actions before allowing automated invocation.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fpycpshscsegf2n5ty6rk0583f2nw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments