ClawHub

Filament Vault

v1.0.0

Track 3D printing filament inventory locally. Add spools, log usage, check stock levels, and generate spending reports. Use when: filament, spool, 3d print i...

0· 48·0 current·0 all-time
byNew Age Investments@newageinvestments25-byte
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included scripts and assets. All requested functionality (add, update, list, search, report) is implemented by the bundled Python scripts and uses a local JSON datastore. No extraneous credentials, binaries, or unrelated capabilities are requested.
Instruction Scope
SKILL.md instructs running the included Python scripts against the local inventory file (~/.openclaw/workspace/filament-vault/inventory.json). The instructions and scripts only access that path and perform inventory operations; they do not read other system files, environment variables, or remote endpoints.
Install Mechanism
There is no install spec (instruction-only), and the package contains plain Python scripts. Nothing is downloaded or executed from external sources during install. The included files are readable and not obfuscated.
Credentials
The skill requires no environment variables, credentials, or config paths beyond its own data directory. That is proportional to a local inventory tracker. The scripts only create/read/write the specified inventory.json file.
Persistence & Privilege
The skill is not set to always:true and does not modify other skills or global agent settings. It stores data under its own workspace path; this is expected and limited in scope.
Assessment
This skill appears to be a straightforward local inventory manager. Before installing or running it: (1) be aware it stores inventory data (including costs, locations, and free-text notes) in plain JSON at ~/.openclaw/workspace/filament-vault/inventory.json — if that contains sensitive info, consider file permissions or encryption; (2) inspect the included scripts if you want to be extra safe (they are small, readable, and do not make network calls); (3) run them under a Python virtualenv if you prefer environment isolation; (4) if you do not want the agent to invoke the skill autonomously, you can disable model invocation for this skill in your agent settings (the skill itself does not request that privilege). Overall there are no red flags in the code or SKILL.md.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f79xbr8jb6k9gq1wzjk1kdx83xtct

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments