ClawHub

My Life Feed

v2.0.1

Manage MyFeed things and groups via the MyFeed REST API.

15· 8.8k·3 current·5 all-time
by@l-fy
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (manage MyFeed things/groups) match the declared requirements: one API key (Myfeed_API_KEY) and jq for JSON parsing. No unrelated binaries or extra credentials are requested.
Instruction Scope
Instructions are straightforward curl calls to the MyFeed API and only read the declared Myfeed_API_KEY. They will transmit event data, invites and phone numbers to the remote API (expected for this capability). One minor note: the SKILL.md uses https://skill.myfeed.life/api while the homepage is https://myfeed.life — domain mismatch is likely benign but worth verifying that the API host is official.
Install Mechanism
Instruction-only skill with no install spec or code files — nothing is written to disk during install. Lowest-risk install posture.
Credentials
Only a single API key environment variable (Myfeed_API_KEY) is required, which is reasonable for a REST-API integration. No other secrets or unrelated env vars are requested.
Persistence & Privilege
Skill does not request always:true, does not modify other skills or system settings, and is instruction-only so it has no persistent on-disk components.
Assessment
This skill appears to be what it says: it will use your Myfeed_API_KEY to call the MyFeed API and will send event details and invite phone numbers to the service. Before installing: 1) Verify that https://skill.myfeed.life is an official API host for MyFeed (the README/homepage lists https://myfeed.life; confirm the API subdomain is legitimate). 2) Keep the API key secret and use a key with limited scope if MyFeed supports it; rotate/revoke it if compromised. 3) Be aware that inviting contacts will transmit recipients' phone numbers to the remote service — avoid using this skill if you cannot share that data. 4) Check rate limits and do not expose the API key in logs or public places. If you need stronger assurance, request the skill's publisher/source and a formal privacy/security statement from Reis Mobile SRL or the service operator.

Like a lobster shell, security has layers — review code before you run it.

latestvk973awdaxy53d2b83erj6v56918191fd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📋 Clawdis
Binsjq
EnvMyfeed_API_KEY

Comments