Auth0 Token Vault
v0.4.0
Access third-party services (Gmail, Slack, Google Calendar) on behalf of authenticated users via Auth0 Token Vault. Use when the user wants to search, read,...
by Deepu K Sasidharan (@deepu105)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign (medium confidence)
Purpose & Capability
The name/description (Auth0 Token Vault, Gmail/Slack/Calendar access via Auth0) matches the runtime instructions and required binary (auth0-tv). The npm install (auth0-token-vault-cli) that provides auth0-tv is coherent with the stated purpose.
Instruction Scope
SKILL.md confines agent behavior to invoking the auth0-tv CLI with --json and requires human-in-the-loop for login/connect flows. It specifies using --confirm for destructive actions and only mentions reading files explicitly for message body input. It does not instruct the agent to read unrelated files or env vars beyond an optional AUTH0_TV_OUTPUT setting.
Install Mechanism
Install is via an npm package (auth0-token-vault-cli), which is a typical distribution method for a CLI. This is moderate risk versus a vetted package manager tap or source, especially because the skill metadata has no homepage/source URL to verify the package origin. Also note the _meta.json version differs from the registry metadata (0.2.3 vs 0.4.0), a minor inconsistency worth checking.
Credentials
The skill declares no required env vars or credentials, which aligns with being a wrapper around a local CLI. However, auth0-tv will use locally stored Auth0/OAuth tokens (and may persist credentials locally), so the agent effectively gains the ability to act with those tokens. The skill does not declare where tokens are stored; this is proportionate to the purpose but important for user awareness.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. Autonomous invocation is allowed (platform default). Because the CLI can perform actions on connected accounts, autonomous invocation increases blast radius if the agent is permitted to run destructive commands with --confirm; SKILL.md advises human intervention for login/connect and requires --confirm for destructive actions, which mitigates risk but does not eliminate it.
Assessment
This skill appears to do what it claims (call a local auth0-tv CLI to act on behalf of authenticated users). Before installing: 1) Verify the npm package source and publisher on the npm registry (look for homepage, repository, publisher identity, and recent versions); 2) Inspect the auth0-tv binary or its upstream repository if possible to confirm where it stores tokens and what it can do; 3) Be cautious about granting autonomous agents the ability to invoke this skill — destructive actions require --confirm but an agent could still send/read messages using stored tokens; 4) If you must install, run npm audit, review package files locally, and consider running the CLI manually first to understand its prompts and credential storage. The lack of a homepage/source and the small metadata version mismatch reduce confidence — verify provenance to raise your assurance level.
Runtime requirements
Requires: 🔐 Clawdis
OS: macOS · Linux
Bins: auth0-tv
Install
Install auth0-tv (npm)
Bins: auth0-tv
npm i -g auth0-token-vault-cli