ClawHub

Lunardate

v2.0.2

Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Lunardate concepts, best practices, and implementation patterns.

0· 94·0 current·0 all-time
bybytesagain4@xueyetianya
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Lunardate reference) align with required files and behavior: SKILL.md and a shell script that emit static reference text. There are no unexpected env vars, binaries, or external services requested.
Instruction Scope
SKILL.md explicitly says outputs are heredoc/plain-text with no external API calls; the included script implements only heredoc outputs and simple argument parsing. Minor documentation inconsistencies exist (script VERSION variable is 2.0.1 while registry metadata says 2.0.2; help heredoc uses a quoted delimiter so $VERSION won't expand, and the cheatsheet references a 'troubleshooting' command name while the script uses 'debugging'). These are quality issues but not security concerns.
Install Mechanism
No install spec is present (instruction-only plus a small shell script). Nothing is downloaded or extracted; the script is self-contained. Low installation risk.
Credentials
The skill declares no required environment variables or credentials and the script does not read env vars or config paths. No evidence of disproportionate secret access.
Persistence & Privilege
always is false and the skill does not request persistent system-wide changes or modify other skills. It only prints documentation and exits.
Assessment
This skill is a simple, local reference tool that prints static documentation — it does not call external services or require credentials. It's safe from a credential-exfiltration standpoint. Before installing, note trivial inconsistencies (version string mismatch, help text quoting preventing variable expansion, and a mismatch in command names in the cheatsheet) which are quality bugs but not malicious. As with any skill that executes a script, only install from sources you trust; if you need absolute assurance, open the script and verify it contains only benign output (as it does here) or run it in an isolated environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bk3nj836cjwc17mx2jjyry183hrzs

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments