ClawHub

Cozi Family Organizer

v1.0.2

Interact with Cozi Family Organizer (shopping lists, todo lists, item management). Unofficial API client for family organization.

2· 655·0 current·0 all-time
by@angusthefuzz
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Cozi client) match the included code and declared requirements. Required binaries (node) and env vars (COZI_EMAIL, COZI_PASSWORD) are exactly what an unofficial Cozi CLI would need.
Instruction Scope
SKILL.md commands correspond to the CLI actions implemented in scripts/cozi.js. The script only reads COZI_EMAIL and COZI_PASSWORD from skill- or agent-level .env files, caches a session locally, and makes HTTPS requests to rest.cozi.com — all within the stated scope.
Install Mechanism
No install spec or external downloads; this is instruction-only plus an included Node script. No archive downloads or external installers are used.
Credentials
Only two environment variables (COZI_EMAIL, COZI_PASSWORD) are required. The code explicitly filters .env lines to those two keys, so it does not read arbitrary secrets from agent .env files.
Persistence & Privilege
always:false (no forced inclusion). The skill caches the Cozi session token in ~/.openclaw/skills/cozi/.session.json — expected for convenience and limited to the skill's directory. The skill does not modify other skills or global configs.
Assessment
This skill appears coherent and implements an unofficial Cozi CLI. Before installing: (1) Understand it requires your Cozi email and password — store them in the skill-level .env (~/.openclaw/skills/cozi/.env) if you want to limit exposure to the agent-level .env. (2) It caches an access token in ~/.openclaw/skills/cozi/.session.json — protect that file (permissions) or remove it to force re-auth. (3) Confirm you are comfortable giving your Cozi credentials to an unofficial client (Cozi may change the API and the client is not official). (4) Verify you have Node installed and review scripts/cozi.js yourself if you want to double-check no unexpected network endpoints or behavior. Overall this skill is internally consistent but exercise standard caution with credentials and third‑party/unofficial clients.

Like a lobster shell, security has layers — review code before you run it.

latestvk9723far5wdwa0qnzaggsh2wbh817aje

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📋 Clawdis
Binsnode
EnvCOZI_EMAIL, COZI_PASSWORD

Comments