PigX UI 前端开发
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a benign instruction-only PigX UI frontend development guide, with only minor things to notice around local command examples and missing source provenance.
This skill appears safe as a documentation-only frontend development guide. Before installing, confirm that the local path and PigX UI conventions match your environment, and approve any suggested pnpm or Docker commands only when you intend to run them.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you let the agent run these commands, it may install dependencies, start services, build artifacts, or invoke project scripts in the local repository.
The skill documents local development commands that an agent may suggest or run when helping with the project. These commands are expected for frontend development, but they can affect the local workspace if executed.
## 常用命令 ... pnpm install ... pnpm dev ... pnpm build ... pnpm build:docker
Only allow these commands in the intended PigX UI project directory, and review project scripts before approving execution.
You have less context for who authored or maintains the guidance, even though the included artifacts themselves are simple documentation.
The skill has no executable code, but its provenance is not documented in the registry metadata.
Source: unknown; Homepage: none
Verify that the guidance matches your actual PigX UI project conventions before relying on it.