ClawHub

Coupler.io

v1.1.2

Access Coupler.io data flows configured with OpenClaw destination to list flows, get schemas, and query data via OAuth-secured read-only API.

0· 699·0 current·0 all-time
byNika@nika-is-nika
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the skill expects the mcporter CLI and a Coupler.io account and only details commands against auth.coupler.io and mcp.coupler.io. There are no unrelated binaries, environment variables, or config paths required.
Instruction Scope
SKILL.md keeps to the connector's scope (authenticate via OAuth, persist mcporter config, run mcporter call commands to list flows, get schemas, and run read-only queries). It does instruct storing OAuth tokens in config/mcporter.json and suggests manually editing that file to add "auth":"oauth" if needed — this is within scope but means sensitive tokens will be written to disk and the user should be aware.
Install Mechanism
Instruction-only skill: no install spec or remote downloads. The only external dependency is the mcporter CLI (user-provided), so the skill itself does not write code or fetch artifacts.
Credentials
The skill declares no env vars or credentials (proportionate). However, runtime use requires OAuth tokens which are persisted to config/mcporter.json — this is expected for a connector but represents sensitive material that will reside on disk.
Persistence & Privilege
always:false and normal autonomous invocation. The only persistence the instructions describe is saving OAuth tokens to the mcporter config file (local to the tool), which is appropriate for this kind of connector and does not change other skills or global agent settings.
Assessment
This skill is internally consistent, but take the usual precautions for OAuth-based connectors: (1) install mcporter only from a trusted source and, if possible, review its repo/code; (2) be aware mcporter will persist OAuth tokens to config/mcporter.json — protect that file (restrict filesystem permissions) or use an isolated environment if you don't want tokens on your main machine; (3) queries are read-only but can return sensitive data, so avoid running broad queries without reviewing results; (4) after use, you can revoke tokens from your Coupler.io account and delete the local config file if desired; (5) verify the endpoints (auth.coupler.io and mcp.coupler.io) against official Coupler.io docs if you need extra assurance.

Like a lobster shell, security has layers — review code before you run it.

latestvk9743avxhnm7bmhw56jem4y2fx81rg1d

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments