Skill

Pass. Audited by ClawScan on May 10, 2026.

Overview

The visible skill is a coherent OneMind API guide, but it can intentionally create anonymous OneMind participation, propositions, and ratings, so write actions should be invoked deliberately.

Install this only if you want your agent to interact with OneMind. Verify the publisher, avoid sharing secrets or sensitive personal information in propositions, and have the agent ask before submitting propositions or one-time ratings because those actions can affect an external consensus chat.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked, the agent may post propositions or submit ratings that affect an external OneMind consensus chat.

Why it was flagged

The skill documents POST requests that create content on an external consensus platform. This is expected for OneMind participation, but it is a real write action.

Skill content

curl -s -X POST "https://ccyuxrtrklgpkzcryzpj.supabase.co/functions/v1/submit-proposition" ... "content": "Your proposition here"

Recommendation

Use the skill only when you intend the agent to participate, and require confirmation before submitting propositions or one-time ratings.

What this means

Actions may be attributed to an anonymous OneMind participant rather than to the user’s normal account, but they can still create platform-visible activity.

Why it was flagged

The skill uses a public Supabase anon key plus a generated bearer access token for anonymous participation. This is purpose-aligned, but still creates an authenticated platform session.

Skill content

No secret keys are required — the anon key below is a **public** client key ... Authorization: Bearer [ACCESS_TOKEN]

Recommendation

Do not include sensitive information in propositions or ratings, and treat the generated access token as a session credential while it is in use.

What this means

A user has less registry-level assurance that the listed publisher information corresponds to the installed skill.

Why it was flagged

Registry provenance fields are incomplete even though SKILL.md names a publisher, website, and GitHub repository.

Skill content

Source: unknown; Homepage: none

Recommendation

Verify the publisher and API endpoint against OneMind’s official channels before relying on the skill.