Limesurvey Openclaw Skill

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill matches its LimeSurvey automation purpose, but it can use credentials to export survey data and trigger bulk participant emails, so it deserves review before use.

Install only if you want an agent to manage LimeSurvey through a controlled service account. Before using it, set least-privilege credentials, avoid admin examples, require explicit approval for sends or destructive changes, and review any exported response files for sensitive data handling.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or overly broad agent action could send survey invitations to all pending participants for a survey.

Why it was flagged

The invitation command defaults to a broad recipient set when token IDs are omitted and the code shows no confirmation or dry-run before sending.

Skill content

p_invite.add_argument('--token-ids', help='Comma-separated token IDs (default: all)') ... token_ids = None ... client.call('invite_participants', client.session_key, args.survey_id, token_ids)

Recommendation

Require explicit user confirmation for invitation/reminder sends, prefer passing specific token IDs, and consider adding a dry-run or recipient-count preview before sending.

What this means

Anyone or any agent using this skill with the configured LimeSurvey credentials can perform whatever LimeSurvey actions that account is allowed to perform.

Why it was flagged

The skill requires LimeSurvey credentials, which is expected for RemoteControl API automation, and the artifact explicitly recommends least privilege.

Skill content

REQUIRED ENVIRONMENT VARIABLES: LIMESURVEY_URL ... LIMESURVEY_USER, LIMESURVEY_PASSWORD (use least-privilege service account, never full admin credentials).

Recommendation

Use a dedicated service account with only the needed survey permissions; avoid full admin credentials and rotate the password if exposed.

What this means

Survey responses, participant information, or tokens may be exposed in terminal output, files, or agent context if exports are run broadly.

Why it was flagged

Exported survey responses can be written to local files or printed into the agent/runtime context, which may contain sensitive respondent data.

Skill content

decoded = client.decode_base64(result) ... with open(args.output, 'w', encoding='utf-8') as f: f.write(decoded) ... else: print(decoded)

Recommendation

Export only the needed surveys and fields, choose secure output locations, and avoid leaving sensitive response data in shared logs or chat context.