Openpond Cli
v0.1.1

Use the OpenPond CLI to create repos, watch deployments, and run tools without the web UI.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (high confidence)

Purpose & Capability
The name and description describe an OpenPond CLI helper. However, the skill metadata declares no required binaries or environment variables, while the SKILL.md clearly expects npm/npx, the 'openpond' CLI, and git. The missing declared requirements are an incoherence: a CLI helper would normally declare these dependencies.
Instruction Scope
Runtime instructions tell the agent to install/open/use the 'openpond' CLI, run git commands, read/modify .git/config (tokenize origin temporarily), and rely on ~/.openpond/cache.json for cached credentials. These actions are within the functional scope (managing repos/deployments) but they involve reading/modifying local git config and persisting API tokens — sensitive operations that the metadata did not advertise.
Install Mechanism
This is an instruction-only skill (no install spec), so nothing is written by the registry itself. The SKILL.md instructs users/agents to run 'npm i -g openpond-code' or use 'npx'. That delegates installation to npm at runtime — lower risk from the registry, but you must vet the npm package (supply chain risk).
Credentials
Metadata lists no required environment variables, yet SKILL.md documents optional/expected vars (OPENPOND_API_KEY, OPENPOND_BASE_URL, etc.) and shows non-interactive login via an API key. Requesting and caching API keys is reasonable for this CLI, but the omission from declared requirements reduces transparency and increases the chance of accidental credential exposure.
Persistence & Privilege
always:false and autonomous invocation are default and acceptable. The SKILL.md does indicate persistent state: a cache file at ~/.openpond/cache.json and temporary changes to .git/config during tokenized pushes. These are expected for a CLI that authenticates and pushes code, but they do create persistent tokens and modify local repo config.
What to consider before installing
This skill appears to be a normal CLI wrapper for OpenPond, but the package metadata is incomplete and the runtime steps touch sensitive local state. Before installing or allowing an agent to use it:

1) Verify the 'openpond-code' npm package source and integrity (inspect its repo, reviews, and latest release). Prefer using 'npx' or a scoped/test environment instead of a global install.
2) Use a limited-scope or disposable OPENPOND_API_KEY when testing, and rotate it afterwards.
3) Be aware the CLI will read and temporarily modify your .git/config and will persist credentials under ~/.openpond/cache.json — inspect and remove those files if you don't want persistent tokens.
4) If you plan to let an agent invoke this skill autonomously, limit that agent's file access or run it in an isolated workspace to avoid accidental exfiltration of repository credentials.
5) Ask the skill author/registry to correct metadata (declare required binaries and env vars) so the security surface is transparent.

Like a lobster shell, security has layers — review code before you run it.
