ClawHub

Cleaning Maintenance

v1.0.0

Book cleanings and manage property maintenance. Schedule one-time or recurring cleanings, report and track maintenance issues, manage service professionals,...

0· 48·0 current·0 all-time
by@mchusma
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (booking cleanings, tracking maintenance) match the requested credential (TIDY_API_TOKEN) and the documented REST, CLI, and MCP interfaces. Required OS and suggested install mechanisms (brew/npm) are proportionate for a CLI-focused skill.
Instruction Scope
SKILL.md and reference docs confine actions to TIDY endpoints and the tidy CLI/MCP. Examples reference creating addresses, bookings, tasks, and polling message_tidy; there are no instructions to read unrelated system files or other environment variables beyond the documented TIDY_API_TOKEN and the CLI's ~/.config/tidy/credentials (explained as CLI behavior).
Install Mechanism
This is an instruction-only skill (no install spec). It recommends installing an external CLI via Homebrew or npm; those are typical package sources. The skill itself does not automatically download or execute code, so install risk is limited to the user's decision to install the third-party CLI.
Credentials
Only one credential is required (TIDY_API_TOKEN), which is appropriate for a REST/API integration. The docs explicitly describe token usage and storage. No unrelated SECRET/TOKEN/KEY environment variables are requested.
Persistence & Privilege
always is false and the skill does not request elevated or permanent system privileges. Autonomous agent invocation is allowed (platform default) but is not combined with other concerning privileges.
Assessment
This skill appears to do exactly what it says: talk to the TIDY service. Before installing or using it, consider the following: 1) The TIDY_API_TOKEN grants full API access to your TIDY account — treat it like a password. The docs state tokens do not expire and previous tokens remain valid, so plan token rotation and revocation policies. 2) If you install the recommended CLI (Homebrew/npm), verify the package source (repository, maintainer) before installing and prefer audited packages where possible. 3) The skill and API accept access/parking notes and addresses — avoid storing very sensitive information (e.g., full alarm codes, permanent physical-key locations) in the service if you do not want that data hosted. 4) If you intend to allow autonomous agent actions, be aware the agent can create/update bookings and tasks automatically; consider restricting autonomous use or using a dedicated account with limited financial/payment access. 5) If you need stronger safety, ask the skill author or provider for details on token scopes, token revocation, and privacy/data retention policies on tidy.com.

Like a lobster shell, security has layers — review code before you run it.

latestvk9767x3a7t3r08k5760bsshcbs83xt7v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧹 Clawdis
OSmacOS · Linux
EnvTIDY_API_TOKEN
Primary envTIDY_API_TOKEN

Comments