ClawHub

Doubleword API

v1.0.0

Submit and manage asynchronous batch AI inference jobs via Doubleword API supporting OpenAI-compatible endpoints, tool calling, and structured outputs.

2· 1.7k·0 current·0 all-time
by@pjb157
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, SKILL.md and reference docs consistently describe a batch-inference client for api.doubleword.ai; the included helper script creates JSONL batch files and matches the documented workflow. However the package metadata lacks a description/homepage/source which reduces provenance confidence.
!
Instruction Scope
Runtime instructions explicitly show using an API key in curl examples (Authorization: Bearer $DOUBLEWORD_API_KEY) and describe uploading and polling files on https://api.doubleword.ai — which is coherent with the stated purpose — but the SKILL.md does not declare the environment variable as required and the skill author did not include provenance/context (no homepage/source). The instructions do not request other system files or credentials.
Install Mechanism
This is an instruction-only skill with no install spec; the only included code is a small helper script that writes JSONL files. No network installs, downloads, or archive extraction are present in the manifest.
!
Credentials
SKILL.md examples use an API key (DOUBLEWORD_API_KEY) for requests, but requires.env and primary credential fields are empty — the skill fails to declare the expected credential. No other unrelated secrets are requested.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and has no install steps that persist code beyond the included files. It does not ask to store or modify agent-wide config.
What to consider before installing
This skill appears to implement a batch-inference workflow for api.doubleword.ai and includes harmless helper code to generate JSONL files. However: (1) the metadata lacks a description, homepage, or source repository — ask the publisher for provenance; (2) the runtime docs use an API key (Authorization: Bearer $DOUBLEWORD_API_KEY) but the skill metadata does not declare any required env var — request that the author add a declared primaryEnv or requires.env entry (e.g., DOUBLEWORD_API_KEY) so you know what secrets the skill expects; (3) only give an API key scoped to a test account or a key with limited credits until you verify behavior; rotate keys after testing; (4) if you need greater assurance, ask for a link to the source repo or a signed release and confirm the api.doubleword.ai domain is legitimate for your use. If the author cannot justify the missing metadata or provenance, treat the skill as untrusted and do not supply production credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk97981kmkbdrdeks11q8wmpcjn800arg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments