component-library

Installs and configures a GitHub Packages component library in package.json based on user requests.

Install this skill

68/100

Security score

The component-library skill was audited on Feb 9, 2026 and we found 6 security issues across 2 threat categories, including 1 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 96

Direct command execution function call

SourceSKILL.md

96	const latestVersion = execSync(

medium line 101

Template literal with variable interpolation in command context

SourceSKILL.md

101	userConfig.component_library_version = `^${latestVersion}`;

medium line 107

Template literal with variable interpolation in command context

SourceSKILL.md

107	const aliasValue = `npm:@RoyalAholdDelhaize/pdl-spectrum-component-library-web@${userConfig.component_library_version}`;

medium line 115

Template literal with variable interpolation in command context

SourceSKILL.md

115	console.log(`✓ Component library configured: ${aliasKey} → ${aliasValue}`);

low line 89

Node child_process module reference

SourceSKILL.md

89	const { execSync } = require('child_process');

low line 95

Access to hidden dotfiles in home directory

SourceSKILL.md

95	// Note: Uses npm show without --registry flag to respect ~/.npmrc authentication

Scanned on Feb 9, 2026

View Security Dashboard

Installation guide →

GitHub Stars 106

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw backend api frontend-developer fullstack-developer product-manager github development product

majiayu000/claude-skill-registry