ClawHub

Remix Api Key Auth

v0.1.0

Configure and verify bearer API key authentication for Remix agent publishing workflows.

0· 974·0 current·0 all-time
by@chuckstock

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for chuckstock/remix-api-key-auth.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Remix Api Key Auth" (chuckstock/remix-api-key-auth) from ClawHub.
Skill page: https://clawhub.ai/chuckstock/remix-api-key-auth
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install chuckstock/remix-api-key-auth

ClawHub CLI

Package manager switcher

npx clawhub@latest install remix-api-key-auth
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description and the SKILL.md align: the document explains how to create, store, and verify a Remix API key for agent publishing workflows. The skill does not request unrelated credentials, binaries, or system access.
Instruction Scope
Instructions are narrowly scoped to creating and testing a Remix API key and include a single suggested test call. They appropriately advise keeping the key server-side. Minor gap: SKILL.md tells the user to "store it as a secret in your service runtime" but does not suggest an env var name or concrete storage mechanism; this is a clarity/usability issue rather than a security incoherence.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing will be downloaded or written to disk during installation.
Credentials
The skill requests no environment variables or credentials. It advises the user to create and store an API key (which is expected for its purpose) but does not demand access to unrelated secrets or system config.
Persistence & Privilege
always:false and no install or config changes. The skill does not request persistent agent presence or modify other skills/settings.
Assessment
This skill is internally consistent and simply documents how to create and test a Remix API key. Before you proceed: (1) only create and provide keys to trusted runtimes/agents; (2) store the key in a server-side secret manager or environment variable — avoid embedding it in client/browser code or chat messages; (3) use least-privilege keys and separate keys per environment/agent; (4) rotate and revoke keys if compromised; and (5) when testing, perform verification calls in a non-production project to avoid unintended side effects. The SKILL.md doesn't prescribe a specific env var name or storage method, so decide a safe naming and storage convention for your environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d7tqhpwv7yqz7reh28c66v180xzef
974downloads
0stars
1versions
Updated 1mo ago
v0.1.0
MIT-0
@chuckstock
latest
Download

Remix API Key Setup

Use this skill when a user needs to authenticate an external service/agent for Remix server APIs.

Steps

  1. Log in to your Remix account.
  2. Go to https://remix.gg/api-keys.
  3. Create a new API key.
  4. Store it as a secret in your service runtime.
  5. Send:
    • Authorization: Bearer <api_key>
  6. Use base URL https://api.remix.gg.

Verification

Run a cheap authenticated call first (for example, POST /v1/agents/games in a test project) to verify the key works.

Troubleshooting Invalid API Key

  • Check Authorization is formatted as Bearer <api_key>.
  • Re-copy the key from https://remix.gg/api-keys and rotate if needed.
  • Verify your service is reading the expected secret/env var in the current runtime.
  • Confirm the request is server-side and not exposed through browser code.
  • If behavior seems inconsistent with local docs, use https://api.remix.gg/docs as source of truth.

Comments

Loading comments...