ClawHub

Project Cog

v1.0.4

Persistent knowledge workspaces for agents. Upload documents, build AI-processed context trees, retrieve structured knowledge. Works with CellCog chats or st...

0· 116·2 current·2 all-time
byCellCog@nitishgargiitd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (persistent project workspaces, uploads, signed URLs) align with the declared requirements: python3 and a CELLCOG_API_KEY. The skill explicitly depends on the cellcog SDK/skill, which fits the stated functionality.
Instruction Scope
SKILL.md is instruction-only and stays within the expected scope (calls to client.create_chat, upload/context features). It directs the user/agent to install and use the separate 'cellcog' skill/SDK — the runtime behavior therefore depends on that other skill's instructions and code. Review the cellcog skill for any broader actions (file access, network calls) before trusting this skill.
Install Mechanism
No install spec here (instruction-only), so this skill itself does not write code to disk. However it instructs installing the 'cellcog' skill via 'clawhub install cellcog'; that install step may pull code/packages. The install risk is deferred to the cellcog skill — inspect that skill's install mechanism and sources.
Credentials
Only one env var is required (CELLCOG_API_KEY), which is appropriate for an external service integration. Minor metadata inconsistency: registry metadata lists no primary credential even though CELLCOG_API_KEY is the main credential the skill uses; this is likely a bookkeeping omission but worth noting.
Persistence & Privilege
always is false and the skill does not request elevated platform privileges. Autonomous invocation is allowed (default) but not combined with forced presence or cross-skill configuration changes.
Assessment
This skill appears to do what it says, but it delegates runtime behavior to the separate 'cellcog' skill/SDK. Before installing or supplying your CELLCOG_API_KEY: 1) Inspect the cellcog skill's install steps and source to see what it installs and which endpoints it calls. 2) Confirm what permissions the CELLCOG_API_KEY grants and whether it allows uploading or publicly sharing documents. 3) Consider whether you want project data uploaded to an external service and whether signed URLs and team-sharing policies meet your privacy/compliance needs. 4) Note the minor metadata inconsistency (no primary credential listed) — ensure the key you provide is scoped minimally. If you have sensitive documents, review retention and deletion policies for CellCog before using the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bwmy9rm702xqnjkkt15whsx84ba74

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📂 Clawdis
OSmacOS · Linux · Windows
Binspython3
EnvCELLCOG_API_KEY

Comments