ClawHub

Replit Agent

v1.0.1

Replit Agent 助手,精通云端 AI 编程、自动部署、数据库集成、全栈应用开发

0· 106·0 current·0 all-time
by@zhangifonly·duplicate of @zhangifonly/manus-agent
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (Replit Agent, cloud development, deployment, DB integration) match the SKILL.md content. One minor mismatch: the skill describes automated creation/deployment to Replit but declares no required Replit API token or credential. That can be legitimate for an instruction-only skill (it may only provide guidance and generated code), but it could also mean the skill will prompt users later for tokens if it were to act on their behalf.
Instruction Scope
SKILL.md contains only high-level runtime instructions for the AI (generate projects, deployment guidance, DB integration best practices). It does not tell the agent to read local files, access unrelated environment variables, exfiltrate data, or call unexpected endpoints. No open-ended 'gather whatever context you need' directives are present.
Install Mechanism
No install specification and no code files are present. As an instruction-only skill, it writes nothing to disk and does not fetch external packages — this is the lowest-risk install footprint.
Credentials
The skill requires no environment variables or credentials, which is consistent with an instruction-only helper. However, because it advertises one-click deployment and Secrets management on Replit, a fully autonomous deployment capability would normally need Replit credentials — their absence should be noted and clarified before expecting the skill to act on your account.
Persistence & Privilege
No always:true flag and default autonomous invocation settings. The skill does not request persistent presence, nor does it attempt to modify agent/system-wide configurations. This is standard for a helper skill.
Assessment
This appears to be an instruction-only Replit assistant (no code or installs). Before installing or using it: (1) understand it currently does not declare any Replit API credentials — if it later asks you to paste tokens or secrets into chat, treat that as sensitive and prefer ephemeral tokens or the official Replit OAuth flow; (2) because the skill has no homepage or published source listed, consider asking the publisher for provenance or source code if you plan to grant account-level access; (3) avoid sharing private keys, passwords, or long-lived tokens directly in messages; (4) if you expect the skill to perform autonomous deployments to your Replit account, confirm how it will obtain and store credentials and review any instructions it provides before executing them. If you want higher assurance, request a version that documents how it integrates with Replit (OAuth endpoints, token storage, or a clear manual workflow).

Like a lobster shell, security has layers — review code before you run it.

latestvk972dwpwx53y6f8jxhzrw6ew4n83dnz5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments