ClawHub

WordPress

v1.0.1

WordPress.com API integration with managed OAuth. Manage posts, pages, sites, and content. Use this skill when users want to create, read, update, or delete WordPress.com posts, pages, or manage site content. For other third party apps, use the api-gateway skill (https://clawhub.ai/byungkyu/api-gateway). Requires network access and valid Maton API key.

7· 3.7k·5 current·5 all-time
by@byungkyu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description state a WordPress.com API integration using a Maton-managed gateway; the only required item is MATON_API_KEY which is precisely what a gateway/OAuth proxy would need. No unrelated services, binaries, or config paths are requested.
Instruction Scope
SKILL.md contains concrete HTTP usage examples that call gateway.maton.ai and ctrl.maton.ai and instruct the agent to send Authorization: Bearer $MATON_API_KEY. The instructions do not direct reading local files, other env vars, or transmitting data to unexpected endpoints beyond the Maton endpoints described.
Install Mechanism
There is no install spec and no code files to execute — the skill is instruction-only, which minimizes installation risk.
Credentials
Only MATON_API_KEY is required, which is proportionate for a managed OAuth gateway. Note: possession of MATON_API_KEY likely grants Maton-mediated access to all WordPress connections for that account, so the key is powerful — this is expected but users should understand the breadth of access they are granting to Maton.
Persistence & Privilege
The skill does not request 'always: true', does not modify other skills or system settings (instruction-only), and uses standard autonomous invocation defaults. No elevated persistence or system-wide configuration is requested.
Assessment
This skill is internally consistent with its stated purpose: it uses a Maton gateway to proxy WordPress.com API calls and requires only MATON_API_KEY. Before installing, confirm you trust maton.ai (gateway.maton.ai, ctrl.maton.ai, connect.maton.ai) because that service will mediate OAuth and can act on your WordPress sites. Treat MATON_API_KEY like any sensitive credential: do not reuse it across untrusted apps, limit its scope if possible, rotate it regularly, and test actions on non-production sites first. If you need more assurance, ask the publisher for a homepage, source repo, or privacy/security documentation for Maton.

Like a lobster shell, security has layers — review code before you run it.

latestvk97da2jh6enry5hjyr7z9s60gd80wjsg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
EnvMATON_API_KEY

Comments