ClawHub

OpenClaw Antigravity Sync Skill

v1.0.0

Automatically discover and configure available Google Antigravity models and quotas.

0· 1.1k·9 current·9 all-time
byKaran Baweja@krnbwj
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill claims to discover Google Antigravity models and quotas and then update OpenClaw config; the code reads OpenClaw auth profiles and openclaw.json and calls a Google Cloud Code Assist endpoint to fetch models—this is coherent with the description. Note: it calls an internal-looking endpoint path (/v1internal:fetchAvailableModels) on cloudcode-pa.googleapis.com, which is plausible for a vendor API but is nonstandard/implementation-specific.
Instruction Scope
Runtime instructions are narrowly scoped: ensure you're logged in with the google-antigravity profile and run the included Node script. The script only reads ~/.openclaw/agents/main/agent/auth-profiles.json and ~/.openclaw/openclaw.json, queries the Antigravity API, and writes a backup plus updated openclaw.json. It does not attempt to read unrelated system files or send data to unexpected endpoints.
Install Mechanism
No install spec or downloads; the skill includes its Node script and a package.json. That is low risk compared with remote fetch/extract installers. It does require Node to be present (not declared explicitly).
Credentials
No environment variables or external credentials are declared; the script reads the OpenClaw auth profile file to obtain a bearer token for the Google Antigravity API, which is appropriate for its function. It does not request unrelated credentials or config paths.
Persistence & Privilege
The skill is not forced-always, is user-invocable, and does not modify other skills or system-wide settings. It does persist changes to the user's openclaw.json (intended and documented) and creates a .bak backup before writing.
Assessment
This skill appears to do what it says: read your OpenClaw auth profile, call the Antigravity API, and update openclaw.json (with a backup). Before installing/running it: (1) verify the skill source (the repo/homepage is missing here) — prefer code from a trusted repository; (2) inspect the included sync.cjs (you already have) and confirm the API host (cloudcode-pa.googleapis.com) is expected for your environment; (3) back up your existing ~/.openclaw/openclaw.json (the script makes a .bak but keep your own copy); (4) run the script in a controlled context the first time (or on a copy of your config) to ensure it behaves as expected; and (5) if you have concerns about the internal-looking API path, confirm with your provider/documentation that this endpoint is appropriate for automated queries. If you want higher assurance, request provenance (repository URL or maintainer identity) before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk97142z7ef0tn835qp60cpn7t581aned

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments