ClawHub

Omnis Venture Intelligence

v1.0.3

Discover and score venture opportunities with machine-first APIs using read-first workflows.

0· 272·0 current·0 all-time
byBrandon Brooks@hcs412
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description align with the runtime instructions: all calls described target bamboosnow.co endpoints for discovery/scoring. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
SKILL.md limits operations to read-only GET calls, documents billing safety (explicitly forbids billing POSTs), and instructs the agent not to search local files or environment for credentials. All referenced resources are on the stated domain.
Install Mechanism
No install spec and no code files — the skill is instruction-only, so nothing is written to disk or downloaded during install.
Credentials
The skill declares no required environment variables or primary credential. It documents an x-api-key header for authenticated endpoints and instructs the agent to request an API key from the user in-session rather than scanning env/files — this is proportionate to the described API usage.
Persistence & Privilege
always is false and there is no install-time persistence. The skill can be invoked autonomously (platform default), which is expected for plugins of this type and is not combined with any other elevated privileges here.
Assessment
This skill appears coherent and read-only, but take these practical steps before installing or using it: 1) Verify the bamboosnow.co service and its OpenAPI docs (https://www.bamboosnow.co/docs/api/openapi.v1.yaml) match your expectations. 2) Only provide an API key interactively when you trust the provider; do not paste broader cloud credentials or long-lived secrets. Prefer a scoped or ephemeral key if possible. 3) The skill forbids billing POSTs — if you need to fund anything, use the hosted checkout URL yourself rather than asking the agent to perform writes. 4) Monitor any account activity or billing after first use. 5) If you require higher assurance, ask the publisher for a security/privacy contact or review a signed, hosted OpenAPI spec before granting access.

Like a lobster shell, security has layers — review code before you run it.

apivk971kphpbdfjksk3fj3rfqq83h826731deal-sourcingvk971kphpbdfjksk3fj3rfqq83h826731latestvk97a4dytysh734nkx9zd2db5vd827jpgventurevk971kphpbdfjksk3fj3rfqq83h826731

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments