ClawHub

Feature Specification

v1.0.0

Convert persona docs into detailed feature specifications with acceptance criteria. Use when translating user needs into implementable specs, writing user stories, defining acceptance criteria, or preparing features for development.

0· 1k·1 current·1 all-time
by@wpank
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description (convert persona docs into feature specs) match the SKILL.md content: templates, user-story guidance, acceptance-criteria patterns, and file path suggestions (docs/personas, docs/specs). There are no unexpected required binaries, env vars, or credentials.
Instruction Scope
Runtime instructions are purely editorial: templates, examples, where to place specs, and how to write stories/acceptance criteria. The skill references local doc paths (e.g., docs/PERSONA.md) which is consistent with its purpose and does not instruct reading unrelated system files or exfiltrating data.
Install Mechanism
The registry contains no install spec (instruction-only), which is low risk. The README suggests using npx or copying from ~/.ai-skills; these are user-run commands and not executed by the platform. Still, running npx against an unknown GitHub/tree URL or a remote package can execute remote code—users should inspect the source before running those commands.
Credentials
No environment variables, credentials, or config paths are requested. The declared scope of data access (persona docs in project folders) is proportionate to the feature-specification purpose.
Persistence & Privilege
always is false and the skill is user-invocable. There is no indication it modifies other skills or requests permanent platform-level privileges.
Assessment
This skill is an editorial template and appears coherent and low-risk. Before installing or running any suggested npx commands: (1) review the source repository or SKILL.md/README content you are about to install, (2) avoid running npx or install commands from untrusted URLs without inspection, and (3) be mindful that persona documents may contain sensitive customer data — avoid sending them to external services. If you want extra assurance, ask the publisher for a canonical repo/homepage or inspect the package contents locally before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk9702h5xb9jaeackhzgn4em0jn80wynj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments