ClawHub

Native Monday

v0.1.0

Read and query Monday.com boards, items, workspaces, and users directly via the Monday.com GraphQL API. Use when you need project/task data, board contents,...

3· 446·3 current·3 all-time
by@codeninja23
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description: direct Monday.com GraphQL access. Declared requirements: python3 and MONDAY_API_TOKEN. The script only calls api.monday.com and exposes board/workspace/user queries — these requirements are proportionate to the stated purpose.
Instruction Scope
SKILL.md instructs running the included Python script against api.monday.com and to set MONDAY_API_TOKEN. The script only reads that env var, issues GraphQL requests, and prints results. It does not read unrelated files, other env vars, or transmit data to external endpoints beyond api.monday.com.
Install Mechanism
No install spec (instruction-only with an included script). No downloads or external package installs — lowest-risk distribution method.
Credentials
Only MONDAY_API_TOKEN is required and is used as the Authorization header for calls to api.monday.com. No unrelated credentials, secrets, or config paths are requested.
Persistence & Privilege
always is false and the skill does not request persistent or system-wide privileges. It does not modify other skills or system configs.
Assessment
This skill appears to do exactly what it says: run a small Python script that uses your MONDAY_API_TOKEN to query api.monday.com. Before installing, confirm you are comfortable providing a Monday personal/API token to the agent (tokens grant access to your account data). Use a token with least privilege possible, rotate/revoke it if needed, and run the skill in an environment where network traffic to api.monday.com is allowed and monitored. If you need stronger assurance, review the included scripts/monday.py yourself (it is short and readable) or run it locally rather than granting the agent autonomous access.

Like a lobster shell, security has layers — review code before you run it.

latestvk970qe01mqeha6j5hmw5y7seh181r1ve

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3
EnvMONDAY_API_TOKEN
Primary envMONDAY_API_TOKEN

Comments