Strawpoll Cli
ReviewAudited by ClawScan on May 1, 2026.
Overview
This appears to be a legitimate StrawPoll command-line helper, but installing it gives an external CLI access to your StrawPoll API key and the ability to change or delete polls.
This skill is coherent for managing StrawPoll from the terminal. Before installing, make sure you trust the upstream strawpoll CLI, protect the API key, and ask the agent to confirm destructive actions such as delete, reset, or any command using --force.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or anything using this configured CLI can act through your StrawPoll account within the API key's permissions.
The skill requires a StrawPoll API key and supports storing or supplying it for CLI use, which grants the CLI account-level access needed to manage polls.
An API key is required. ... strawpoll auth set-key ... export STRAWPOLL_API_KEY="your-key-here"
Use a dedicated or least-privileged API key if available, keep it out of shared logs and scripts, and remove it with the CLI's auth remove command when no longer needed.
A mistaken command could alter, reset, or delete polls and their votes.
The documented CLI can mutate or delete poll data, and the reference includes a force option that skips confirmation. These actions match the skill's purpose but can be high-impact if used on the wrong poll.
strawpoll poll update NPgxkzPqrn2 --title "New title" --add-option "New option" ... strawpoll poll reset NPgxkzPqrn2 ... strawpoll poll delete "$POLL_ID" --force
Confirm poll IDs and avoid --force unless the user explicitly requests a non-interactive destructive action.
The installed upstream binary will handle the user's StrawPoll API key and account actions.
The skill depends on an external CLI package installed from a Homebrew tap or Go module, and the Go command tracks the latest version rather than a pinned release.
brew install dedene/tap/strawpoll ... go install github.com/dedene/strawpoll-cli/cmd/strawpoll@latest
Install from the expected upstream repository, review or pin a trusted version where possible, and update only when intended.
Future polls may inherit saved privacy or visibility settings, which could be surprising if the defaults are changed unintentionally.
The CLI stores persistent defaults that can affect future poll creation and visibility settings.
Save preferred settings to avoid repetitive flags: ... strawpoll config set results_visibility after_vote ... strawpoll config set is_private true ... Config stored at `~/.config/strawpoll/config.yaml`.
Check the saved configuration before creating important polls, especially privacy and results-visibility defaults.