ClawHub

Secure Google Sheets Access for OpenClaw by PortEden

v1.0.0

Secure Google Sheets Management - permission-based create, read, write, and append spreadsheet data, plus file management (share, permissions, rename, delete).

0· 193·0 current·0 all-time
by@porteden
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Google Sheets management) match what the SKILL.md instructs (calls to a 'porteden' CLI for create/read/write/append/share/delete). Required binary 'porteden' and primary env var PE_API_KEY are appropriate and expected.
Instruction Scope
Runtime instructions are limited to invoking the porteden CLI and its flags. They show expected actions (auth login, use PE_API_KEY, sheet and permission commands). The instructions do not ask the agent to read unrelated files/paths or exfiltrate data to unexpected endpoints.
Install Mechanism
Install options are a Homebrew formula (porteden/tap/porteden) or go install from github.com/porteden/cli — both are normal for a CLI. Note: these will download and install third-party code; verify the tap and GitHub module ownership and review the upstream repo/release before installing.
Credentials
Only PE_API_KEY (plus optional profile/format vars) is required, which is proportional for a third‑party Sheets CLI. The SKILL.md also notes credentials are stored in the system keyring — expected for a CLI but users should be aware of where tokens end up.
Persistence & Privilege
always is false and the skill does not request persistent system-wide changes. It does rely on the porteden CLI storing credentials in the system keyring, which is standard for CLI auth and limited in scope to this tool.
Assessment
This skill is an instruction-only wrapper around the PortEden CLI and appears coherent. Before installing or using it: (1) verify the Homebrew tap and the GitHub module (github.com/porteden/cli) belong to the expected project and review recent releases; (2) prefer short-lived API tokens or least-privilege scopes (only enable driveAccessEnabled if needed); (3) be aware the CLI stores credentials in your system keyring — check where and who can access it; (4) when giving the agent permission to act, remember commands can share/rename/delete files — confirm any destructive actions. If you need higher assurance, inspect the upstream repository and formula before installation.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dt9ntp5n79vgpg5b7fgrn7h83470g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📊 Clawdis
Binsporteden
EnvPE_API_KEY
Primary envPE_API_KEY

Install

Install porteden (brew)
Bins: porteden
brew install porteden/tap/porteden
Install porteden (go)
Bins: porteden
go install github.com/porteden/cli/cmd/porteden@latest

Comments