WebUntis

Type: OpenClaw Skill Name: webuntis Version: 1.0.1 The skill bundle is benign. The `SKILL.md` clearly outlines the purpose of read-only access to WebUntis timetables and provides secure guidance for credential handling via environment variables. The `scripts/webuntis.py` script implements this functionality by reading credentials from environment variables and making JSON-RPC calls to the configured WebUntis instance. There is no evidence of data exfiltration to unauthorized third parties, malicious command execution, persistence mechanisms, or prompt injection attempts against the agent. All actions are consistent with the stated purpose.