ClawHub

Apify Bluesky Scraper

v1.0.0

Scrape Bluesky social posts via AT Protocol. Use when user asks to search Bluesky, find Bluesky posts, monitor Bluesky discussions, or extract Bluesky data....

0· 216·1 current·1 all-time
byMarcin Dudek@marcindudekdev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the SKILL.md calls the Apify REST API to run a specific Apify Actor ID (WAJfBnZBYR9mJrk5d). Required binaries (curl, jq) and APIFY_TOKEN are exactly what you would expect to call Apify's API and parse JSON results.
Instruction Scope
Instructions are narrowly scoped: they show how to prompt for search parameters, POST to Apify endpoints (sync or async), poll run status, fetch dataset items, and summarize results. They do not instruct reading unrelated files, scanning local system state, or sending data to third-party endpoints outside api.apify.com.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by the skill itself.
Credentials
Only APIFY_TOKEN is required and declared as the primary credential. That is proportional: Apify API requests require an API token. No other secrets or unrelated env vars are requested.
Persistence & Privilege
The skill is user-invocable, not always-enabled, and does not request persistent system privileges or modify other skills. Autonomous invocation is allowed (platform default) but is not combined with other high-risk properties.
Assessment
This skill appears internally consistent, but before installing consider: (1) APIFY_TOKEN grants operations on your Apify account—use a least-privilege or expendable token if possible and rotate it after testing; (2) the actor runs on Apify infrastructure and can execute arbitrary scraping code—verify the actor ID/owner and review the actor's source or documentation on apify.com to confirm trustworthiness; (3) datasets produced by the actor may be stored on Apify and could be visible depending on actor settings—check privacy/billing implications; (4) test with a small maxResults and a throwaway account/token first. If you cannot confirm the actor's provenance, treat the token as sensitive and avoid giving production-scoped credentials.

Like a lobster shell, security has layers — review code before you run it.

apifyvk971hmg30w55zacqbkzb45zk5582eetaat-protocolvk971hmg30w55zacqbkzb45zk5582eetablueskyvk971hmg30w55zacqbkzb45zk5582eetalatestvk971hmg30w55zacqbkzb45zk5582eetascrapingvk971hmg30w55zacqbkzb45zk5582eetasocial-mediavk971hmg30w55zacqbkzb45zk5582eeta

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🦋 Clawdis
Binscurl, jq
EnvAPIFY_TOKEN
Primary envAPIFY_TOKEN

Comments