Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Toggle
v1.0.6
Context layer for your agent. ToggleX captures the user's work sessions, projects, focus scores, and context switches across the web — giving the agent aware...
⭐ 8 · 861 · 2 current · 3 all-time
by Aleksandar Yordanov (@aleksandar-jive)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description (context layer / activity capture) matches the actual behavior: the included script fetches workflow JSON from the ToggleX endpoint and exposes it to the agent. Declared requirements (python3 and TOGGLE_API_KEY) are proportional and expected for this purpose.
Instruction Scope
SKILL.md and scripts/toggle.py limit network I/O to the declared endpoint (https://ai-x.toggle.pro/public-openclaw/workflows) and only send the TOGGLE_API_KEY in an x-openclaw-api-key header. The script reads/writes a local state.yaml in the skill directory and can persist per-day markdown files into a provided memory folder. One operational note: sample workflow data can include domain strings (including localhost addresses in the example). The skill itself does not fetch those domains, but downstream agent logic or automated actions prompted by the SKILL.md (which encourages proactive nudges/automations) could choose to follow or act on them — that process is outside this script and deserves caution.
Install Mechanism
No install/download steps are present (instruction-only with an included script). No external archives or third-party package installs are triggered by the skill itself, so there is low install-surface risk.
Credentials
Only a single environment credential (TOGGLE_API_KEY) is required and declared as the primary credential. No unrelated secrets, system credentials, or additional config paths are requested.
Persistence & Privilege
The skill writes a state.yaml to its own skill directory and can write persistent markdown files into a memory directory you provide (or the suggested ../../memory). It reads the OpenClaw cron jobs file (~/.openclaw/cron/jobs.json) to advise about scheduling. It does not require always=true and does not modify other skills or system-wide settings, but you should be aware it will create/modify files under the skill and memory locations when invoked with --persist.
Assessment
This skill appears coherent for its stated purpose, but consider the following before installing:
- Endpoint trust: the script sends your TOGGLE_API_KEY to https://ai-x.toggle.pro. Only use a key if you trust that service. Verify the domain and integration page before adding a real API key.
- Least privilege: create a dedicated ToggleX integration key with limited scope/expiry if possible, rather than using a broad or long-lived user key.
- Memory persistence: when you run with --persist (or use the suggested ../../memory path), the skill will write markdown files containing your activity data. Confirm where those files will be stored and who/what can read them.
- Cron checks: the script reads ~/.openclaw/cron/jobs.json to check scheduling. It will create state.yaml inside the skill dir if missing. Review that file before trusting automated runs.
- Downstream automation caution: SKILL.md encourages proactive nudges and automations. The script returns raw JSON that can include domain strings (the sample even shows local addresses). The skill itself does not fetch or act on those domains, but if you enable agent-driven automations, ensure you limit any automatic following of URLs (to avoid accidental access to internal services or SSRF-like risks).
- Operational safety: do not paste the API key into chat; set it via your OpenClaw config or environment as documented. If you have doubts after running the skill, revoke the key on the provider side.
If you trust ai-x.toggle.pro and are comfortable with the skill writing memory files and reading your OpenClaw cron config, the skill is consistent and reasonable to install.
Like a lobster shell, security has layers — review code before you run it.
latest: vk979qdtjeez31qybsy1gm8ptv981gc9g
Runtime requirements
👁️ Clawdis
Bins: python3
Env: TOGGLE_API_KEY
Primary env: TOGGLE_API_KEY
