ClawHub

Design System Creation

v1.0.0

Complete workflow for creating distinctive design systems from scratch. Orchestrates aesthetic documentation, token architecture, components, and motion. Use when starting a new design system or refactoring an existing one. Triggers on create design system, design tokens, design system setup, visual identity, theming.

6· 2.2k·20 current·22 all-time
by@wpank
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name, description, and runtime instructions all focus on authoring design-system artifacts (tokens, typography, components, motion). It does not declare unrelated binaries, environment variables, or credentials, so the requested capabilities are proportional to the stated purpose.
Instruction Scope
Runtime instructions are prose and code examples for building design systems. They include several 'Read: ai/skills/...' references to other component skills (logical for a meta-skill). This may cause an agent to attempt to load local skill files for context — not inherently malicious but worth reviewing. No instructions ask the agent to read system secrets or send data to external endpoints.
Install Mechanism
There is no install spec in the skill bundle (instruction-only), which minimizes risk. The README shows example install commands (npx clawhub@latest install ... and an npx add GitHub URL) — those commands, if executed, would fetch/execute remote code. That is an installation-time risk (not intrinsic to the skill content) and should be handled by inspecting the referenced repository before running such commands.
Credentials
The skill declares no required environment variables, credentials, or config paths. There are no requests for tokens or secrets and no use of environment data in the instructions, so requested access is proportional.
Persistence & Privilege
Flags show default behavior (always: false, autonomous invocation allowed). The skill does not request persistent system presence or elevated privileges.
Assessment
This skill is an instruction-only design-system meta-skill and appears coherent with its description. Before installing or running any provided installation commands: (1) verify the skill source — the homepage is missing and the owner is unknown; (2) inspect the remote repository referenced in README (or avoid running npx commands you don't trust); (3) do not blindly execute copy/install commands that reference ~/.ai-skills, ~/.cursor, or other home directories; and (4) review any referenced component skills listed in the document to ensure they are trustworthy. If you want extra safety, clone the repo into an isolated project or sandbox and read the files locally rather than running remote installers.

Like a lobster shell, security has layers — review code before you run it.

latestvk971xf9np11j82bzz37at97qj180w4xa

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments