ClawHub

NEXUS Email Compose

v1.0.0

Draft professional communications

0· 178·0 current·0 all-time
by@cyberforexblockchain
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the runtime instructions: the skill forwards input to an external AI email-compose endpoint. Requesting a payment proof token (NEXUS_PAYMENT_PROOF) is consistent with a paid third‑party API.
Instruction Scope
SKILL.md explicitly instructs the agent to POST the input to https://ai-service-hub-15.emergent.host with an X-Payment-Proof header. There is no filesystem or shell access requested. The notable scope issue is privacy: all user input is sent to a third party (the NEXUS service).
Install Mechanism
Instruction-only skill with no install script or downloaded code — this minimizes local persistence and supply-chain risk.
Credentials
Only one required environment variable (NEXUS_PAYMENT_PROOF) is declared and is used as the X-Payment-Proof header. That is proportionate for a paid API, but the token is sensitive (payment proof); ensure you trust the endpoint and don’t expose production credentials unnecessarily. README and SKILL.md mention a sandbox value ('sandbox_test'), but the env var is required at install time — you must set it (can be set to the sandbox value for testing).
Persistence & Privilege
The skill does not request persistent/system privileges: always is false, no filesystem or shell access, and it does not modify other skills or system config.
Assessment
This skill forwards whatever you type to a third‑party API and charges per request using a payment‑proof token. Before installing: (1) confirm you trust https://ai-service-hub-15.emergent.host and read its privacy/terms, (2) treat NEXUS_PAYMENT_PROOF as a sensitive secret — prefer a temporary or sandbox token (use 'sandbox_test' for testing), (3) be aware inputs (potentially sensitive content) will leave your environment, and (4) note the $0.10/request cost so you can limit accidental usage. If you cannot verify the service or you must keep inputs private, do not install or use this skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk9718wn4syvdhznahrm5mfmp0982tyh6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Clawdis
EnvNEXUS_PAYMENT_PROOF
Primary envNEXUS_PAYMENT_PROOF

Comments