by 安全扫描
OpenClaw
安全
high confidenceInstruction-only skill that coherently documents how to generate VS Code debugging configurations for vvvv gamma C# projects; it reads local workspace and common install paths but requests no credentials, binaries, or installs.
评估建议
This skill is an instruction-only helper for creating VS Code debug configs for vvvv and appears internally consistent. Before using it: (1) Review and confirm any detected vvvv installation path it proposes (it looks under Program Files and may not find custom installs). (2) Approve the AskUserQuestion prompts it will present — the skill says to ask all configuration questions before writing files. (3) Inspect generated .vscode/launch.json and tasks.json before launching, especially if you enab...详细分析 ▾
✓ 用途与能力
The skill's name and description (vvvv debugging / generate launch.json and tasks.json, attach debugger) match the SKILL.md content. All requested actions (scanning the workspace, locating vvvv.exe, creating/merging .vscode configs, asking the user for flags) are appropriate for a debugging setup helper. There are no unrelated credential or external service requirements.
ℹ 指令范围
Instructions direct the agent to scan the local workspace (csproj/sln/vl files, help/ folders, .vscode) and to search common installation path(s) under C:\Program Files for vvvv. That is expected for this purpose, but the doc also suggests inspecting git submodules and repository package names — which means the agent will read repository metadata and file structure. This is reasonable for building correct launch args, but users should be aware the skill expects access to their project files and Program Files. The example command uses a Unix-like ls variant on a Windows path (/c/Program Files) which is a minor platform inconsistency but not a security issue.
✓ 安装机制
No install spec and no code files are present; the skill is instruction-only. Nothing will be written to disk by an installer. This is the lowest-risk install profile.
✓ 凭证需求
The skill declares no required environment variables, credentials, or config paths. The instructions reference only local file system locations and workspace metadata which are proportionate to generating debugging configurations. No secrets or external tokens are requested.
✓ 持久化与权限
always is false and the skill is user-invocable. It does not request persistent installation, modify other skills, or claim system-wide privileges. Autonomous invocation is allowed by default but there are no additional privileges requested that would increase risk.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.12026/3/5
Initial release
● 无害
安装命令
点击复制官方npx clawhub@latest install vvvv-debugging
镜像加速npx clawhub@latest install vvvv-debugging --registry https://cn.longxiaskill.com