ClawHub

Spain Legal

v1.0.2

Use when an agent needs structured Spain legal screening for visas, residency, nationality, NIE/TIE, Beckham regime, EU family routes, or Spain tax-regime qu...

1· 82·0 current·0 all-time
by@heyalerio
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name and description match the instructions: it exists to call a remote MCP (Legal Fournier) for structured Spain legal screening. It does not request unrelated credentials, binaries, or config paths.
Instruction Scope
Instructions direct the agent to send case facts to https://legalfournier.com/mcp/spain-legal and to fetch related resources. The SKILL.md explicitly requires user consent and data minimization and forbids sending sensitive identifiers by default. This is appropriate for the stated purpose but does mean user data will be transmitted off-device when used — follow the consent and minimization guidance.
Install Mechanism
Instruction-only skill with no install spec or code files. Nothing is written to disk or fetched at install time.
Credentials
The skill requests no environment variables, credentials, or config paths. No disproportionate access is requested for its described function.
Persistence & Privilege
always is false and the skill does not request to modify agent/system configs or persist credentials. Autonomous invocation is allowed (platform default) but not elevated by the skill itself.
Assessment
This skill delegates screening to Legal Fournier's remote MCP and will transmit user case facts to that endpoint. Before installing or using it: verify the endpoint's authenticity (check the official Legal Fournier site and TLS certificate), ensure you obtain explicit user consent before sending any case-specific facts, prefer anonymized or synthetic facts where possible, and avoid sending sensitive identifiers (passport numbers, full addresses, DOB, phone, email) unless the user explicitly requests a human handoff and understands where data will go. If you handle highly sensitive matters or regulated personal data, prefer an offline/human consultation instead of remote screening. Verify whether the MCP requires any hidden API keys or credentials (none are declared here); if the agent ever asks for credentials to use the endpoint, treat that as suspicious and investigate before providing secrets.

Like a lobster shell, security has layers — review code before you run it.

latestvk978173w11s7z57r3vdd8g38c983js30

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments