ClawHub

Openclaw Design Consult

v1.0.1

Senior product design system consultant with strong but explainable design decision-making capabilities. Supports proactive requirement clarification and sys...

0· 92·0 current·0 all-time
by@x-rayluan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (design system consultant) aligns with the SKILL.md. Reading README.md, package.json, repo folders, and any 'office-hours' context to prefill context, producing DESIGN.md/CLAUDE.md and an HTML preview are all expected capabilities for this purpose.
Instruction Scope
Instructions explicitly read repository files (README.md, package.json, src/, components/, and .context/*office-hours*), write DESIGN.md and append to CLAUDE.md, and create a /tmp preview HTML and open it. These actions are consistent with the skill's function but do involve reading project files and writing to disk and using network/browser tools for optional competitor research — users should expect the skill to access repository contents and perform network browsing if research is enabled.
Install Mechanism
This is an instruction-only skill with no install spec or code files — lowest install risk. No packages or downloads are requested.
Credentials
The skill declares no environment variables, credentials, or config paths. The SKILL.md does not request secrets or unrelated credentials. File access is limited to repo files and a .context directory referenced for 'office-hours' — which is reasonable for the stated purpose.
Persistence & Privilege
always:false and normal model invocation are set. The skill writes files to the project root and /tmp (DESIGN.md, CLAUDE.md, preview HTML) which is expected behavior for a design artifact generator; it does not request persistent platform privileges or modify other skills.
Assessment
This skill appears to do what it says, but be aware of these practical points before enabling it: (1) It will read repository files (README.md, package.json, src/, components/) and any .context/office-hours artifacts — avoid running it in a repo that contains secrets or sensitive data you don't want read. (2) It writes DESIGN.md and appends to CLAUDE.md in the project root and writes a preview HTML under /tmp; review and commit those files yourself rather than allowing automatic commits. (3) Optional competitor research uses web browsing and screenshots and the preview loads Google Fonts CDN — if you want to restrict network access, decline the research step. (4) The SKILL.md uses platform commands (e.g., open) and browser tooling assumptions that may not work identically on all runtimes; test in a safe sandbox first. If you need stronger assurances, ask the owner for explicit guarantees about what paths it will read/write or run it on a copy of your repo.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bj2g55xdc85ef45n9d46fqh83zb0z

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments