Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description describe sending local JSON to a webhook. The included main.py implements POSTing a payload file to a user-provided endpoint and writing a small JSON result to disk — this is coherent with the stated purpose. Some unused CLI options exist but are not harmful.
Instruction Scope
SKILL.md instructs running main.py with --endpoint and --payload which matches the code path that posts data. The code also supports a separate --url GET path (fetching up to 200k bytes) and several other unused flags; these extend behavior beyond the example but are not inconsistent with a 'network' skill. Be aware the tool will POST the raw contents of the payload file to any endpoint you give it (no additional filtering or validation).
Install Mechanism
Instruction-only with a small Python script; there is no install step, no downloads, and nothing is written to system locations beyond the output file you specify.
Credentials
The skill requests no environment variables or credentials. It requires you to supply the endpoint URL and payload file at runtime — this is proportionate to its function.
Persistence & Privilege
The skill is not marked always:true and does not attempt to modify agent or system configuration. It runs only when invoked.
Assessment
This skill is functionally what it says: it will read a local file and make outbound HTTP requests to an endpoint you provide, then write a small output JSON. Before using it, verify the endpoint URL and the payload file: do not point it at untrusted servers or post sensitive secrets. Note the script does not validate or scrub the payload (it posts the raw file bytes with Content-Type: application/json), has a 10s timeout, and does not save full response bodies for POST requests. If you need stricter behavior, add validation, whitelist endpoints, or run in a restricted network environment.Like a lobster shell, security has layers — review code before you run it.
latestvk975bqsmsxjzhv06kr47wh801184exg4
License
MIT-0
Free to use, modify, and redistribute. No attribution required.