ClawHub

X5 Protocol Client

v1.0.0

Send X5 protocol API requests from the terminal. Use this skill whenever the user wants to test, call, or send X5 API requests; parse .x5 files; generate X5...

0· 62·0 current·0 all-time
by@growingppp
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match what the package implements: parsing .x5 files, generating the X5 MD5 signature, Base64-encoding the envelope, and POSTing to user-provided URLs. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
SKILL.md instructs the agent to run the included Python CLI against .x5 files or inline parameters. The instructions are scoped to building and sending X5 requests, listing requests, generating cURL, or showing dry-run payloads. The agent is allowed to read files the user points it at (e.g., --file, --body-file), which is expected for this tool.
Install Mechanism
No install spec or external downloads; this is an instruction-only skill with an included Python script. No archive extraction or network install occurs as part of installation.
Credentials
The skill does not require environment variables or credentials beyond appid/appkey provided inline or in .x5 files. The code does not read unrelated environment variables or global config paths.
Persistence & Privilege
always:false (no forced inclusion). The skill does not request persistent system privileges or modify other skills' configs. It runs as a CLI tool when invoked.
Assessment
This skill appears to do exactly what it claims: create and send X5 protocol requests. Before using it, review any .x5 files you didn’t author—they can contain appid/appkey values and arbitrary request bodies and headers that will be sent to the URLs you provide. Do not supply sensitive credentials to untrusted .x5 files or remote endpoints. If you want extra assurance, run the script locally on test endpoints or inspect the full script (it’s included) to confirm behavior; the script uses only Python stdlib and performs network requests only to URLs you supply.

Like a lobster shell, security has layers — review code before you run it.

latestvk97549ngw2ysns713stqwp57w58413cn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments