Chen Things Mac
v1.0.0Manage Things 3 via the `things` CLI on macOS (add/update projects+todos via URL scheme; read/search/list from the local Things database). Use when a user as...
⭐ 1· 101·0 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the actions in SKILL.md: it uses the local `things` CLI to read the Things DB and to add/update items via the URL scheme. The install spec (go module github.com/ossianhempel/things3-cli) and required binary `things` are appropriate. Minor metadata inconsistency: the registry metadata ownerId differs from the _meta.json ownerId, and the skill source is listed as unknown even though the SKILL.md points to a GitHub repo — worth verifying.
Instruction Scope
Runtime instructions are focused on running the `things` CLI and are otherwise narrow (no network endpoints). However, they explicitly advise granting Full Disk Access to the calling app (Terminal or `Clawdbot.app`) to read the local Things database; Full Disk Access is a broad, system-level privilege that can expose other user files. SKILL.md also references optional env vars (THINGSDB, THINGS_AUTH_TOKEN) that are not declared in requires.env.
Install Mechanism
Install uses `go install github.com/ossianhempel/things3-cli/...@latest` which will fetch and compile code from GitHub. This is a common distribution method for Go tools but carries moderate risk compared with vetted packages/releases because it pulls remote source (and uses @latest instead of a pinned version). Recommend verifying the repository and using a pinned release/commit.
Credentials
The skill does not require any credentials in registry metadata, which matches most of the SKILL.md. It does mention an optional THINGS_AUTH_TOKEN for write/update operations; that token grants modification ability and should be treated as sensitive. No unrelated credentials are requested. The bigger proportionality issue is the Full Disk Access request (system permission rather than an env var) which is broader than just reading a single app database.
Persistence & Privilege
always is false and the skill does not request persistent or system-wide configuration changes. It does not modify other skills' configs or request elevated/invisible persistence.
Assessment
This skill appears to do what it says, but review before installing: 1) Verify the GitHub repository and owner (and the mismatched ownerId in metadata) before running `go install` from @latest — prefer a pinned release/commit. 2) Be cautious about granting Full Disk Access to the agent gateway app (Clawdbot.app): that permission is broad and can expose other files; only grant it if you trust the agent host. 3) Treat THINGS_AUTH_TOKEN as sensitive — provide it only when necessary and consider using short-lived tokens if supported. 4) Use `things --dry-run` for write operations to preview actions. 5) If you want lower risk, install and run the CLI manually yourself rather than letting the skill auto-install/compile it.Like a lobster shell, security has layers — review code before you run it.
latestvk9751b9wwwtq6d1jmjephy6yax83ewv6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
✅ Clawdis
OSmacOS
Binsthings
Install
Install things3-cli (go)
Bins: things
go install github.com/ossianhempel/things3-cli/cmd/things@latest