ClawHub

Verosight Monitor

v1.0.2

Integrate Verosight API for social media intelligence and cyber monitoring. Sentiment analysis, trend detection, influencer identification, and bot detection...

0· 43·0 current·0 all-time
by@jrrqd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill is described as a Verosight API integration and all docs, example curl calls, and helper scripts target api.verosight.com; this is consistent. Minor mismatch: the registry metadata lists no required environment variables but the runtime instructions and scripts clearly require a Verosight API key (examples reference VEROSIGHT_API_KEY and keys that begin with vlt_live_/vlt_test_).
Instruction Scope
SKILL.md and the helper scripts only instruct the agent to call Verosight endpoints and to generate reports locally. They do not direct data to third-party endpoints outside verosight.com. However, examples and scripts assume the presence of command-line tools (curl, jq in examples, and python3 in the scripts) which are not declared in the metadata; the agent running this skill will need these binaries available.
Install Mechanism
No install spec — this is an instruction-only skill with helper scripts. Nothing is downloaded from external or untrusted URLs during install, and no archives are extracted.
Credentials
The skill requires a Verosight API key / JWT to operate, which is appropriate for its functionality. The registry failing to declare required env vars (VEROSIGHT_API_KEY) is an omission you should note. No other unrelated secrets or credentials are requested.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and has no install-time persistence. It can be invoked autonomously by the agent (platform default), which is expected for a skill of this type.
Assessment
This skill appears to do what it claims: use your Verosight API key to query api.verosight.com and build reports. Before installing: 1) Verify verosight.com is the legitimate service you expect and only provide API keys you control. 2) Note the metadata omission: ensure the agent environment has curl and python3 (and jq if you use the examples) available. 3) The helper scripts print/emit JWTs and API responses locally — avoid pasting keys into shared reports and follow the README note to strip secrets from generated PDFs. 4) If you want stricter safety, confirm the runtime will restrict network egress to trusted hosts or run the skill in an environment where you can audit outbound calls. These steps will reduce accidental credential exposure while using the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b1x4khhntvnkx16652jc40583yp89

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments