ClawHub

Bellink

v1.0.2

Connect your AI to 30+ business tools — Gmail, Calendar, Sheets, Mindbody, Meta Ads, Linear, Airtable, Notion, Stripe, and more. One URL, every app.

0· 59·0 current·0 all-time
by@barflotek
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to act as an MCP gateway to many business apps and only asks for a single MCP endpoint URL (BELLINK_URL). That is a coherent design: a gateway URL that encodes an access key is a reasonable way to provide one credential that unlocks many integrations.
Instruction Scope
SKILL.md only instructs the user/agent to supply the BELLINK_URL, add the MCP server, or run an npm helper client. It does not ask the agent to read unrelated files or other environment variables. The instructions are concise, but the guide tells the agent to route requests through an external service (Bellink), which means agent requests and data will transit that service.
Install Mechanism
No install spec or code files are present; this is instruction-only. The README mentions an npm package for optional clients, but there is no automatic install step in the skill itself.
Credentials
Only BELLINK_URL is required, which matches the described design. However, that single URL contains a scoped key and—once provided—gives the gateway access to many third-party accounts (Gmail, Stripe, Slack, etc.). The sensitivity is high: a single env var unlocks broad access, so treating it like a master credential is appropriate.
Persistence & Privilege
always:false and default autonomous invocation are used (normal). Be aware: allowing the agent to call this skill autonomously combined with a BELLINK_URL that grants multi-app access increases the blast radius if the agent is given broad permissions.
Assessment
This skill appears to be what it says: a gateway that routes your agent's app actions through Bellink via a single URL credential. Before installing, consider: 1) Only provide BELLINK_URL if you trust Bellink — it effectively acts as a token with access to all connected apps. 2) Treat BELLINK_URL like a secret: do not paste it into public chat/history, rotate it if compromised, and use any Bellink dashboard controls to scope/revoke it. 3) If you enable autonomous agent access, be aware the agent could perform actions across many services (email, payments, calendars). Limit the agent's permissions or disable autonomous invocation if you are uncomfortable. 4) If you plan to run the optional npm client, review the npm package source and releases before executing. 5) Check Bellink's dashboard/audit logs and least-privilege controls (per-app scopes, disconnect options) so you can revoke or limit access quickly.

Like a lobster shell, security has layers — review code before you run it.

latestvk97779d30dh04sbevvftay4f4h83vxsg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔗 Clawdis
EnvBELLINK_URL
Primary envBELLINK_URL

Comments