ClawHub

Book Color

v1.0.1

Book color services through Lokuli MCP. Use when user needs to find and book color. Triggers on requests like "book a color", "find color near me", or any color service request.

1· 1.3k·0 current·0 all-time
byLokuli@edwardrodriguez703-design
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description align with the runtime instructions: the SKILL.md shows JSON-RPC calls to Lokuli's MCP for searching, checking availability, and creating bookings. There are no unrelated binaries, env vars, or paths requested.
Instruction Scope
Instructions are narrowly scoped to calling the Lokuli MCP endpoint and invoking three tool RPCs (search, check_availability, create_booking). However the create_booking example includes personal contact fields (name, email, phone) and the spec does not document consent, data handling, or what data will be transmitted — the agent will be expected to send user PII to https://lokuli.com/mcp/sse when used.
Install Mechanism
No install steps or code files are provided (instruction-only skill), so nothing is downloaded or written to disk by the installer.
Credentials
The skill declares no environment variables or credentials. That is consistent only if Lokuli's MCP accepts unauthenticated requests; the SKILL.md provides no auth or API-key guidance. Absence of auth details is a potential gap (either the service is public, or required credentials are unlisted).
Persistence & Privilege
The skill is not force-included (always:false) and does not request elevated privileges or modify other skills. Autonomous invocation is allowed by platform default, which is expected for a user-invocable tool.
Assessment
This skill appears to do what it says (call Lokuli's MCP to search and create bookings), but before installing consider: (1) the publisher/source is unknown and there is no homepage—verify you trust 'lokuli.com' and the skill owner; (2) the SKILL.md will send user contact details (name, email, phone) to https://lokuli.com/mcp/sse — confirm you are happy transmitting PII to that endpoint; (3) the skill provides no authentication or API-key instructions — if the service requires credentials the skill may prompt you for them or fail; (4) if you enable autonomous invocation, the agent could initiate bookings on your behalf, so prefer manual invocation until you confirm behavior. If you need higher assurance, ask the publisher for an official README, privacy policy, and example of the auth flow before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dh67ryh3tp7s5a85ed1jgdd80mnwh
1.3kdownloads
1stars
2versions
Updated 1mo ago
v1.0.1
MIT-0
Lokuli@edwardrodriguez703-design
latest
Download

uook color

Book color services through Lokuli's MCP server.

MCP Endpoint

https://lokuli.com/mcp/sse

Transport: SSE | JSON-RPC 2.0 | POST requests

Tools

search

{
  "method": "tools/call",
  "params": {
    "name": "search",
    "arguments": {
      "query": "color",
      "zipCode": "90640",
      "maxResults": 20
    }
  }
}

check_availability

{
  "method": "tools/call",
  "params": {
    "name": "check_availability",
    "arguments": {
      "providerId": "xxx",
      "serviceId": "yyy",
      "date": "2025-02-10"
    }
  }
}

create_booking

{
  "method": "tools/call",
  "params": {
    "name": "create_booking",
    "arguments": {
      "providerId": "xxx",
      "serviceId": "yyy",
      "timeSlot": "2025-02-10T14:00:00-08:00",
      "customerName": "John Doe",
      "customerEmail": "john@example.com",
      "customerPhone": "+13105551234"
    }
  }
}

Comments

Loading comments...