ClawHub

Gov Business Entity

v1.0.0

Search company registrations via OpenCorporates and SEC EDGAR. 3 tools for business entity research.

0· 441·0 current·0 all-time
byMartin@martc03
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the requested binary (mcporter) and the declared behavior (MCP server). However, instead of calling OpenCorporates/EDGAR directly the SKILL.md instructs the agent to register and use an external MCP at https://business-entity-mcp.apify.actor/mcp. The description does not explicitly disclose that queries will be proxied to a third party.
Instruction Scope
SKILL.md only instructs adding an MCP server (via mcporter or editing ~/.openclaw/mcp.json) and documents three tools. It does not request API keys or local file access. The runtime behavior will send search queries to the remote apify.actor endpoint (streamable-http transport), which may receive full query text and any parameters — this is outside the domain of OpenCorporates/EDGAR and may expose sensitive query content.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk by the skill itself. It does require the mcporter binary to be present; that is a reasonable dependency for registering MCP servers but should be verified as legitimate by the user.
Credentials
No environment variables, credentials, or config paths are required beyond optionally editing ~/.openclaw/mcp.json. The skill does not demand unrelated secrets.
Persistence & Privilege
always is false and the skill is user-invocable only. It does instruct adding a server entry to the agent's MCP config, which persists that remote endpoint in ~/.openclaw/mcp.json — expected for an MCP-based tool but worth noting.
What to consider before installing
This skill delegates searches to a third-party MCP endpoint hosted at business-entity-mcp.apify.actor rather than calling OpenCorporates/EDGAR directly. Before installing: (1) Verify the mcporter binary is trusted on your system; (2) Inspect the GitHub repo (homepage) and the third-party service to confirm who operates it and whether they log or reuse queries; (3) Avoid sending sensitive or PII-containing queries through the skill until you trust the remote service; (4) If you require stronger privacy/assurance, request a version that calls OpenCorporates and EDGAR directly (or run your own MCP endpoint) so queries do not go through an unknown third party; (5) Consider testing with harmless queries and monitor network traffic to confirm what is sent.

Like a lobster shell, security has layers — review code before you run it.

latestvk975e3hcc341988yc25wvgyhnd81zpme

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🏢 Clawdis
Binsmcporter

Comments