ClawHub

Book Spa

v1.0.1

Book spa services through Lokuli MCP. Use when user needs to find and book spa. Triggers on requests like "book a spa", "find spa near me", or any spa service request.

0· 1.3k·0 current·0 all-time
byLokuli@edwardrodriguez703-design
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description and SKILL.md align: the skill describes searching, checking availability, and creating bookings via Lokuli's MCP. However, no credentials or auth mechanism are declared even though the SKILL.md references a remote MCP endpoint (https://lokuli.com/mcp/sse) that in practice is likely to require authentication.
Instruction Scope
Runtime instructions are narrowly scoped to calling the Lokuli MCP via JSON-RPC 'tools/call' methods (search, check_availability, create_booking). The instructions do not request reading local files, environment variables, or unrelated system state. They do include placeholder/example fields (dates, providerId/serviceId, customer contact) that must be supplied at runtime.
Install Mechanism
Instruction-only skill with no install spec and no code files — minimal installation risk. Nothing is downloaded or written to disk by the skill itself.
!
Credentials
The skill declares no required environment variables or primary credential, yet it calls an external MCP endpoint to create bookings. This is inconsistent: booking APIs typically require API keys or authenticated sessions. It's unclear whether authentication is expected to be provided by the hosting platform/tooling (tools/call) or was omitted. In addition, create_booking templates include user PII (name, email, phone) — the skill should justify how/where credentials and user data are supplied and protected.
!
Persistence & Privilege
The skill does not set disableModelInvocation and therefore can be invoked autonomously by the model. Because it can create bookings (a side-effecting operation that uses personal contact info), allowing autonomous invocation increases risk of unintended bookings or data leakage. The skill also does not set any 'always' flag (which is good), but lacking an explicit model-invocation control is a concern for safety/privacy.
What to consider before installing
Before installing, ask the publisher how authentication to Lokuli's MCP is handled and where API keys/sessions are stored — the skill currently declares no credentials. Require explicit user confirmation before create_booking is executed (or set disableModelInvocation: true) so the model cannot place bookings autonomously. Verify that the hosting platform's tools/call will not leak booking recipient PII and that a sandbox/testing mode exists to validate behavior without making real bookings. If you cannot get clear answers about auth and confirmation safeguards, treat this skill as high-risk and do not enable it for production use.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ca6hgakfb228996a0bkz0b180mbrs

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments