Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Circleci

v1.0.0

CircleCI CI/CD — manage pipelines, workflows, jobs, and insights via REST API

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the code and declared requirement (CIRCLECI_TOKEN). The CLI implements pipeline, workflow, job, insights, contexts, and env-var endpoints on the CircleCI v2 API, which is coherent with the stated purpose.
Instruction Scope
SKILL.md describes the CLI commands precisely. The bundled script will also attempt to read CIRCLECI_TOKEN from an .env file at WORKSPACE or ~/.openclaw/workspace/.env if the environment variable is not set; this behavior is not documented in SKILL.md (minor mismatch) but is limited to credential lookup only. The CLI accepts full URLs for requests (path starting with "http"), which is a flexible feature but could be used to target non-CircleCI endpoints if a caller supplies such a URL.
Install Mechanism
No install spec; instruction-only skill with a single stdlib Python script. No external downloads or package installs are performed.
Credentials
Only CIRCLECI_TOKEN is required (declared as primaryEnv). The script's fallback to reading an .env in WORKSPACE or ~/.openclaw/workspace is reasonable for convenience but means a local file can supply the token even if not exported — this filesystem access is not declared in the manifest.
Persistence & Privilege
always is false and no config paths are declared. The skill does not request permanent/privileged platform presence or modify other skills' configs.
Assessment
This appears to be a straightforward CircleCI CLI and is coherent with its declared purpose. Before installing, check these points: (1) supply a CircleCI token with least privilege needed (avoid using an all-scopes personal token); (2) be aware the script will try to read CIRCLECI_TOKEN from WORKSPACE or ~/.openclaw/workspace/.env if the env var is absent — remove or audit any .env files you do not trust; (3) the CLI supports full-URL requests, so only run commands you trust (avoid passing arbitrary URLs that could send your token to other endpoints); (4) the skill is instruction-only and uses only Python stdlib, but it comes from an unverified source — if you need higher assurance, review the full script locally or run it in an isolated environment.
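A guard for the full-URL behaviour noted in point (3), as an added example that is not the skill's own code: it resolves a path or URL and refuses to attach the token unless the target is HTTPS on circleci.com, including after a redirect. The base URL, the allowlist, the use of the `Circle-Token` header and all function names are assumptions; the sample URLs in use are constructed.

```python
import urllib.request
from urllib.parse import urlsplit

# Assumptions: the skill's script is not shown on the page, so the base URL,
# allowlist and every name below are illustrative.
API_BASE = "https://circleci.com/api/v2"
ALLOWED_HOSTS = {"circleci.com"}


class UntrustedTarget(ValueError):
    """The request would carry the token somewhere outside the allowlist."""


def resolve_target(path_or_url: str) -> str:
    """Return the absolute URL to call, or raise UntrustedTarget."""
    candidate = path_or_url.strip()
    # Mirrors the behaviour the scan describes: "http..." means a full URL.
    if candidate.lower().startswith("http"):
        url = candidate
    else:
        url = API_BASE + "/" + candidate.lstrip("/")
    parts = urlsplit(url)
    try:
        port = parts.port
    except ValueError as exc:  # non-numeric or out-of-range port
        raise UntrustedTarget(f"bad port in {url!r}") from exc
    host = (parts.hostname or "").lower().rstrip(".")
    if parts.scheme.lower() != "https" or port not in (None, 443):
        raise UntrustedTarget(f"token requires HTTPS on 443: {url!r}")
    if parts.username is not None or host not in ALLOWED_HOSTS:
        # Catches look-alikes such as circleci.com@other.example
        raise UntrustedTarget(f"host not allowlisted: {url!r}")
    return url


def build_request(path_or_url: str, token: str) -> urllib.request.Request:
    """Attach the token only after the target has been validated."""
    url = resolve_target(path_or_url)
    headers = {"Circle-Token": token, "Accept": "application/json"}
    return urllib.request.Request(url, headers=headers)


class RecheckRedirects(urllib.request.HTTPRedirectHandler):
    """urllib re-sends custom headers on redirects, so validate each hop."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        resolve_target(newurl)
        return super().redirect_request(req, fp, code, msg, headers, newurl)
```

Send requests through `urllib.request.build_opener(RecheckRedirects())` so the redirect check is applied on every hop.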

Like a lobster shell, security has layers — review code before you run it.


Runtime requirements

🔄 Clawdis
Env: CIRCLECI_TOKEN
Primary env: CIRCLECI_TOKEN

SKILL.md

🔄 CircleCI

CircleCI CI/CD — manage pipelines, workflows, jobs, and insights via REST API

Requirements

| Variable | Required | Description |
|---|---|---|
| CIRCLECI_TOKEN | Yes | Personal API token from circleci.com |

Quick Start

# Get current user
python3 {{baseDir}}/scripts/circleci.py me

# List pipelines
python3 {{baseDir}}/scripts/circleci.py pipelines slug <value> --branch <value>

# Get pipeline
python3 {{baseDir}}/scripts/circleci.py pipeline-get id <value>

# Trigger pipeline
python3 {{baseDir}}/scripts/circleci.py pipeline-trigger slug <value> --branch <value> --parameters <value>

# Get pipeline config
python3 {{baseDir}}/scripts/circleci.py pipeline-config id <value>

# List workflows
python3 {{baseDir}}/scripts/circleci.py workflows id <value>

# Get workflow
python3 {{baseDir}}/scripts/circleci.py workflow-get id <value>

# Cancel workflow
python3 {{baseDir}}/scripts/circleci.py workflow-cancel id <value>

All Commands

| Command | Description |
|---|---|
| me | Get current user |
| pipelines | List pipelines |
| pipeline-get | Get pipeline |
| pipeline-trigger | Trigger pipeline |
| pipeline-config | Get pipeline config |
| workflows | List workflows |
| workflow-get | Get workflow |
| workflow-cancel | Cancel workflow |
| workflow-rerun | Rerun workflow |
| jobs | List workflow jobs |
| job-get | Get job details |
| job-cancel | Cancel job |
| job-artifacts | List job artifacts |
| insights-workflows | Workflow insights |
| contexts | List contexts |
| envvars | List project env vars |
| envvar-set | Set env var |

Output Format

All commands output JSON by default. Add --human for readable formatted output.

python3 {{baseDir}}/scripts/circleci.py <command> --human

Script Reference

| Script | Description |
|---|---|
| {{baseDir}}/scripts/circleci.py | Main CLI — all commands in one tool |

Credits

Built by M. Abidi | agxntsix.ai | YouTube | GitHub
Part of the AgxntSix Skill Suite for OpenClaw agents.
