ClawHub

lp-test

v1.0.6

Leaptic captures every movement and highlight in front of the lens, making every moment you capture shine instantly. OpenClaw skill for Leaptic device snapsh...

0· 153·0 current·0 all-time
byLei Liu@liulei2140
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the SKILL.md instructions: the skill documents a single device-snapshot HTTP API and requires an App-Key and region-specific base_url. The declared primaryEnv (LEAPTIC_APP_KEY) aligns with the documented authentication method; no unrelated credentials or binaries are requested.
Instruction Scope
All runtime instructions are scoped to reading the Leaptic snapshot endpoint and resolving credentials from LEAPTIC_APP_KEY, LEAPTIC_BASE_URL, or ~/.config/leaptic/credentials.json. The skill explicitly instructs the agent to ask the user when credentials or region are missing and to only send the key to the documented hosts. It does not instruct the agent to read unrelated system files or exfiltrate data to other endpoints.
Install Mechanism
There is no install spec and no code files; the skill is instruction-only, so nothing is written to disk by an installer. This is the lowest-risk install profile and matches the skill's documentation-only nature.
Credentials
The only credential material the skill expects is the Leaptic App-Key (and an optional base URL). The skill documents a recommended local credentials file and environment variables and explains permission hygiene. No unrelated or excessive environment variables or secrets are requested.
Persistence & Privilege
always:false and default autonomous invocation are normal. The skill does not request permanent system-wide changes, nor does it claim to modify other skills or agent configs. It only reads the documented credential locations when present.
Assessment
This skill appears coherent and limited to calling Leaptic's device snapshot API. Before installing: (1) confirm you obtained your LEAPTIC_APP_KEY from the official Leaptic app or vendor; (2) only provide the key to the documented Leaptic hosts (photon-prod/eu/us.leaptic.tech or a base_url you explicitly configured); (3) if you store the key in ~/.config/leaptic/credentials.json set file permissions (e.g., chmod 600) or prefer a session-only env variable; (4) if you are concerned about an agent acting autonomously, you can disable autonomous invocation for this skill or only invoke it manually; and (5) because the skill's source is listed as unknown in the registry metadata, verify the homepage and vendor identity if you require stronger assurance before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk979cd82a5gtcb8n570p31d3r984j78c

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Primary envLEAPTIC_APP_KEY

Comments