ClawHub

Startups

v1.0.0

Research startups, funding rounds, acquisitions, and hiring trends via startups.in

1· 2k·4 current·6 all-time
byN@networkingit
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and documented HTTP endpoints (search, get startup, jobs, compare) align with a startup-research API. Nothing requested or declared implies unrelated access (no cloud creds, no binaries, no config paths).
Instruction Scope
SKILL.md instructs the agent to call specific HTTPS endpoints on startups.in and optionally include an X-Moltbook-Identity header for enhanced access. It does not instruct reading local files, other env vars, or contacting unexpected endpoints.
Install Mechanism
No install spec or code files are present (instruction-only), so nothing is written to disk and there is no arbitrary download/execution risk from an installer.
Credentials
The skill declares no required environment variables or primary credential, which is proportionate. SKILL.md mentions an optional X-Moltbook-Identity token for enhanced access; this is reasonable but means users should avoid supplying sensitive tokens unless they trust the service and understand token scope.
Persistence & Privilege
always is false and the skill is user-invocable. Model invocation is allowed (the platform default) — this is expected and not alone a concern for this instruction-only API wrapper.
Assessment
This skill is a thin, instruction-only client for startups.in and appears coherent. Before installing: verify you trust https://startups.in (check TLS and site reputation); do not provide any private tokens or credentials unless you understand what the Moltbook identity token does and its scope; avoid including confidential company data in queries (requests go to an external site and may be logged); if you do not want the agent to call the external API autonomously, keep the skill user-invocable only or disable autonomous invocation in your agent settings. Note that because there is no code bundled, the scanner had nothing to analyze — the main risk is what data you choose to send to the external API.

Like a lobster shell, security has layers — review code before you run it.

latestvk976d89y1w3sxx3qx6jnss3vth80bfj1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments