Skip to main content

developer-tools

Enhances developer experience by providing CLI tools, SDKs, and patterns for building command-line interfaces and managing resources.

Install this skill

or
34/100

Security score

The developer-tools skill was audited on Feb 9, 2026 and we found 18 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 55

Template literal with variable interpolation in command context

SourceSKILL.md
55spinner.fail(chalk.red(`Failed: ${error.message}`));
medium line 86

Template literal with variable interpolation in command context

SourceSKILL.md
86console.log(chalk.green(`Created ${answers.type}: ${name}`));
medium line 97

Template literal with variable interpolation in command context

SourceSKILL.md
97console.log(`Set ${key}=${value}`);
medium line 176

Template literal with variable interpolation in command context

SourceSKILL.md
176format: `${label} |{bar}| {percentage}% | {value}/{total}`,
medium line 214

Template literal with variable interpolation in command context

SourceSKILL.md
214const response = await fetch(`${this.baseUrl}${path}`, {
medium line 218

Template literal with variable interpolation in command context

SourceSKILL.md
218Authorization: `Bearer ${this.apiKey}`,
medium line 236

Template literal with variable interpolation in command context

SourceSKILL.md
236get: (id: string) => this.request<User>('GET', `/users/${id}`),
medium line 242

Template literal with variable interpolation in command context

SourceSKILL.md
242this.request<User>('PUT', `/users/${id}`, data),
medium line 244

Template literal with variable interpolation in command context

SourceSKILL.md
244delete: (id: string) => this.request<void>('DELETE', `/users/${id}`),
medium line 250

Template literal with variable interpolation in command context

SourceSKILL.md
250get: (id: string) => this.request<Project>('GET', `/projects/${id}`),
medium line 335

Template literal with variable interpolation in command context

SourceSKILL.md
335`Attempt ${error.attemptNumber} failed. ${error.retriesLeft} retries left.`
medium line 348

Template literal with variable interpolation in command context

SourceSKILL.md
348const response = await fetch(`${this.baseUrl}${path}`, {
low line 122

Access to .env file

SourceSKILL.md
122process.env.DEBUG = 'true';
low line 177

Unicode escape sequences

SourceSKILL.md
177barCompleteChar: '\u2588',
low line 178

Unicode escape sequences

SourceSKILL.md
178barIncompleteChar: '\u2591',
low line 206

External URL reference

SourceSKILL.md
206this.baseUrl = options.baseUrl || 'https://api.example.com';
low line 389

External URL reference

SourceSKILL.md
389{ url: 'https://api.example.com', description: 'Production' },
low line 390

External URL reference

SourceSKILL.md
390{ url: 'https://staging-api.example.com', description: 'Staging' },
Scanned on Feb 9, 2026
View Security Dashboard
Installation guide →
GitHub Stars 106
Rate this skill
Categorydevelopment
UpdatedMay 21, 2026
openclawapidevopsdevops-sredata-engineerdevelopment
majiayu000/claude-skill-registry