ClawHub

Api Gateway Tmp

v1.0.0

Connect to 100+ APIs (Google Workspace, Microsoft 365, GitHub, Notion, Slack, Airtable, HubSpot, etc.) with managed OAuth. Use this skill when users want to...

0· 95·0 current·0 all-time
by@ayakolin·fork of @byungkyu/api-gateway (1.0.69)
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (API gateway for many third‑party services) match the declared requirement (MATON_API_KEY) and the runtime instructions (call gateway.maton.ai / ctrl.maton.ai). No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs the agent to make network requests to Maton gateway and control endpoints and to use the MATON_API_KEY. It does not instruct reading local files, unrelated environment variables, or transmitting data to unexpected endpoints. Connection creation requires an OAuth flow; the doc explicitly says the API key alone does not grant third‑party access.
Install Mechanism
Instruction-only skill with no install spec and no code files to write to disk. Lowest-risk install profile.
Credentials
Only one environment variable (MATON_API_KEY) is required, which is proportional to an API gateway integration. However, that single key is powerful: it authorizes requests to Maton's service which can in turn call user‑authorized third‑party APIs. Users should treat the API key as sensitive and only provide it to a trusted service.
Persistence & Privilege
Skill is not marked always:true and requests no persistent system privileges. Autonomous model invocation is allowed (platform default) but does not by itself indicate excessive privilege.
Assessment
This skill is coherent with its description: it proxies native API calls through Maton and needs a MATON_API_KEY. Before installing, confirm you trust maton.ai because the API key grants the gateway the ability to act on any third‑party connections you authorize there. Best practices: (1) only connect services you intend to use, (2) create and store the MATON_API_KEY securely, (3) periodically rotate/revoke the key if no longer needed, (4) review Maton’s privacy/security docs and the OAuth scopes requested when you connect each third‑party service, and (5) consider testing with a limited/non‑privileged account first.

Like a lobster shell, security has layers — review code before you run it.

latestvk976cpn2q3eebrr3hf88x17nm583ccks

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
EnvMATON_API_KEY

Comments