ClawHub

Klaviyo

v1.0.4

Klaviyo API integration with managed OAuth. Access profiles, lists, segments, campaigns, flows, events, metrics, templates, catalogs, and webhooks. Use this...

9· 15.6k·10 current·12 all-time
by@byungkyu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims Klaviyo API access via managed OAuth and only asks for MATON_API_KEY and gateway endpoints (gateway.maton.ai / ctrl.maton.ai). Those requirements are coherent with a proxy/OAuth manager for Klaviyo.
Instruction Scope
SKILL.md only instructs making HTTPS requests to Maton endpoints and using the MATON_API_KEY header, managing connections via the ctrl endpoint, and completing OAuth via the returned URL. It does not instruct reading unrelated files, other env vars, or transmitting data to unexpected endpoints.
Install Mechanism
No install spec and no code files (instruction-only). Nothing is written to disk or downloaded by the skill itself, which minimizes install-time risk.
Credentials
Only one env var (MATON_API_KEY) is required, which is appropriate for a managed gateway. Note: the Maton API key is powerful — it grants access to the proxy and any linked Klaviyo connections, so treat it like a high-privilege credential.
Persistence & Privilege
always is false and there is no install-time persistence or modification of other skills/config. Default autonomous invocation is allowed but not combined with other concerning privileges.
Assessment
This skill is coherent: it routes Klaviyo requests through Maton and requires only MATON_API_KEY. Before installing, confirm you trust maton.ai (gateway.maton.ai, ctrl.maton.ai) because API requests and OAuth tokens will pass through their service. Treat MATON_API_KEY as sensitive (rotate if compromised), ensure the Maton account has only the permissions you intend, and verify the Maton privacy/security terms if you will send customer data through their gateway. The registry metadata omits a declared primaryEnv (minor inconsistency) but does not affect functionality.

Like a lobster shell, security has layers — review code before you run it.

latestvk9722re82nkhq61qfwnvx0bpen82st5z

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
EnvMATON_API_KEY

Comments