ClawHub

Pipeworx randomuser

v1.0.0

Generates realistic fake user profiles with detailed personal info including name, contact, address, nationality, and profile photo, optionally filtered by g...

0· 33·0 current·0 all-time
byBruce Gutman@brucegutman
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (generate realistic fake user profiles) align with the SKILL.md which documents API calls to a randomuser endpoint. No unrelated credentials, binaries, or config paths are requested. Note: registry source/homepage are missing, but that affects provenance, not functional coherence.
Instruction Scope
The instructions are narrowly scoped: a single example curl POST to https://gateway.pipeworx.io/randomuser/mcp invoking generate_users/generate_by_gender. They do not instruct reading local files, environment secrets, or other system state. They do cause network calls to an external service and return profile picture URLs (expected for this capability).
Install Mechanism
No install spec and no code files are present (instruction-only), so nothing is written to disk or installed. This is the lowest-risk installation model and is proportionate for the described function.
Credentials
The skill requires no environment variables, credentials, or config paths. That is appropriate for a simple API-invocation skill that doesn't need user secrets.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent privileges. It can be invoked by the agent (normal default), which is appropriate for a user-invocable tool of this type.
Assessment
This skill appears functionally coherent and low-risk: it simply calls an external Pipeworx gateway to return fake user profiles. Before installing, consider: 1) the API endpoint is external (gateway.pipeworx.io) — ensure you trust that service because requests and returned data flow through it; 2) profile pictures are hosted externally and may expose request metadata; 3) there is no homepage or source listed — if provenance matters, ask the publisher for a homepage/repo or test in a sandbox first; 4) avoid using generated data for fraudulent or targeted impersonation. If any of those are concerns, request more information from the publisher or run the skill in an isolated environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dqgzqe01dwk6vc5wz49c5as84tqax

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments