Keybindings Customizer
v1.0.0Use when the user wants to customize Claude Code keybindings, rebind shortcuts, add chords, or edit `~/.claude/keybindings.json` safely.
⭐ 0· 32·0 current·0 all-time
by@wimi321
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description and SKILL.md consistently describe safely editing Claude Code keybindings (~/.claude/keybindings.json). However, the registry metadata lists no required config paths even though the instructions explicitly reference a specific user config file; this is a minor inconsistency (the skill will need read/write access to that file in practice).
Instruction Scope
SKILL.md instructions are narrowly scoped: read the existing keybindings file, merge changes, preserve schema/docs, validate reserved shortcuts, and report conflicts. There are no instructions to read other unrelated files, call external endpoints, or collect extra data. The instructions are high-level (merge/validate) so runtime behavior depends on the agent implementation; the user should require a preview/diff before writes.
Install Mechanism
Instruction-only skill with no install spec and no code files present. This minimizes disk/write risk and there are no downloaded/installed components to review.
Credentials
The skill requests no environment variables or credentials, which is appropriate. It does, however, operate on a user config file in the home directory; the metadata does not declare this config path as required. This is reasonable for the stated purpose but should be explicit so users know what will be accessed.
Persistence & Privilege
always:false and no special privileges requested. The skill can be invoked autonomously by the agent (platform default), which is expected; combine this with the prior note and require explicit user confirmation before modifying files.
Assessment
This skill appears to do what it claims (read and merge changes to ~/.claude/keybindings.json) and does not request unrelated credentials or installs — so it is internally coherent. Before installing or running it, consider these precautions: (1) Confirm provenance — the source is 'unknown' in the registry; prefer skills from known repositories. (2) Require the skill to show a preview/diff of proposed edits and ask for explicit confirmation before writing. (3) Back up ~/.claude/keybindings.json (e.g., ~/.claude/keybindings.json.bak) before allowing writes. (4) Verify the skill only touches that specific file and does not attempt to read other home-directory files. (5) If you enable autonomous invocation for the agent, be aware it could modify the file without prompting — keep autonomous use disabled unless you trust the skill. If the publisher can provide a declared config path (the metadata currently omits it) and an auditable implementation, that would increase confidence further.Like a lobster shell, security has layers — review code before you run it.
claude-codevk975ncqjdnxfz4dp2jpqefs52n840n55extractedvk975ncqjdnxfz4dp2jpqefs52n840n55latestvk975ncqjdnxfz4dp2jpqefs52n840n55
License
MIT-0
Free to use, modify, and redistribute. No attribution required.