ClawHub

Instagram API

v1.0.13

Instagram API integration with a single agntdata API key (Bearer token). Read user profiles, media, reels, explore feeds, and hashtag data. Use this skill wh...

1· 83·0 current·0 all-time
byJaen@jaencarrodine
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth tokenRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and declared requirements (AGNTDATA_API_KEY, curl) align with an HTTP wrapper around agntdata's Instagram endpoints. The SKILL.md documents endpoints and usage consistent with this purpose.
Instruction Scope
Runtime instructions are limited to calling agntdata endpoints, setting the AGNTDATA_API_KEY env var, and optionally hitting a one-time register endpoint. The skill does not instruct reading unrelated files, system credentials, or sending data to external endpoints outside the agntdata domains documented in the README.
Install Mechanism
This is an instruction-only skill with no install spec or archived downloads; no code is written to disk. Risk from installation is minimal.
Credentials
Only a single service credential (AGNTDATA_API_KEY) is required and used as a Bearer token for agntdata APIs; this is proportionate. No unrelated secrets or excessive env vars are requested.
Persistence & Privilege
always is false and the skill does not request elevated or persistent platform privileges. Default autonomous invocation is allowed but not exceptional and is consistent with typical skills.
Assessment
This skill appears internally coherent, but you should verify you trust the agntdata service before supplying an API key. Recommendations: (1) Confirm the API hostname (api.agntdata.dev) and dashboard URL are legitimate for the provider you expect. (2) Use a least-privileged API key and scope/rotate it if possible. (3) Avoid pasting the API key into public chat; set it as an environment variable in a secure environment. (4) If you need tighter control or offline validation, prefer installing the vendor plugin mentioned in the SKILL.md and review its package source before use. If you notice the skill asking for other credentials or instructing access to system files, do not proceed.

Like a lobster shell, security has layers — review code before you run it.

latestvk970q25ed5sm24vv7hc0trqr1d84yy9k

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📷 Clawdis
Binscurl
EnvAGNTDATA_API_KEY
Primary envAGNTDATA_API_KEY

Comments