Holded Skill
v0.2.3
Operate Holded ERP through holdedcli to read and update data safely. Use when the user asks to read, search, create, update, or delete Holded entities (conta...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign (high confidence)
Purpose & Capability
Name/description, required binary ('holded'), primaryEnv (HOLDED_API_KEY), and the brew install for a holded CLI are coherent with a skill that drives the Holded API via the holdedcli tool. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
SKILL.md stays within the Holded CLI domain: it instructs discovery (actions list/describe), uses holded actions run for reads/writes, and enforces explicit confirmation before writes. One notable behavior: it requires using --skip-validation and forcing an undocumented field ("isReceipt") for purchase receipts — this bypasses client-side validation and can lead to creating payloads that the CLI would otherwise reject. That is coherent with the skill's stated workaround but increases risk if misused, so the agent's mandatory confirmation protocol is appropriate.
Install Mechanism
Install spec uses a Homebrew formula from jaumecornado/tap (brew tap jaumecornado/tap; brew install holded). Homebrew is a common install mechanism, but this is a third‑party tap (not Homebrew/core). Installing from a personal tap carries more trust risk than an official release channel; verify the tap/author before installing.
Credentials
Only the Holded API key (HOLDED_API_KEY) is declared as the primary credential, which matches the skill's need to authenticate to Holded. The documentation mentions possible alternative credential sources (~/.config/holdedcli/config.yaml), but no extra or unrelated secrets are requested.
Persistence & Privilege
The skill does not request always:true and does not attempt to modify other skills or system-wide settings. It is instruction-only (no code files executed by the skill itself) and relies on the holded binary; normal agent autonomy settings apply.
Assessment
This skill appears to do what it claims, but check a few things before installing or enabling it:
1) Verify the Homebrew tap (jaumecornado/tap) and that you trust its author/source before running brew tap/install; third‑party taps can install arbitrary binaries.
2) Keep your HOLDED_API_KEY secret and only inject it when you trust the environment.
3) Understand that the skill recommends using --skip-validation and adding an undocumented field ("isReceipt") to create some purchase receipts — this bypasses client validation and can create records that may be invalid or unexpected if used incorrectly; rely on the mandatory confirmation flow and review payloads carefully.
4) The skill reads local holdedcli config (~/.config/holdedcli/config.yaml) as a credential source if present — be aware that local CLI config may be used.
5) Because the skill is instruction‑only, there are no embedded code files to audit, so your main exposure is the installed holded binary; validate that binary's provenance.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
Bins: holded
Primary env: HOLDED_API_KEY
Install
Install holdedcli (brew)
Bins: holded
brew install jaumecornado/tap/holded