ClawHub

Danube Tools Marketplace

v8.0.12

Connect your AI agent to a growing marketplace of services and tools through a single API key — discover, search, and execute anything available

2· 2.7k·5 current·5 all-time
byDanube@preston-thiele
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth tokenRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (marketplace connector) align with requested artifacts: a single DANUBE_API_KEY and curl are appropriate and expected for an API-based marketplace proxy.
Instruction Scope
SKILL.md only describes using Danube APIs (device auth, MCP config, search/execute patterns) and does not instruct reading unrelated files, extra env vars, or exfiltrating data to unexpected endpoints.
Install Mechanism
Instruction-only skill with no install spec or code files; nothing is downloaded or written to disk by the skill itself — minimal install risk.
Credentials
Only a single credential (DANUBE_API_KEY) is required and documented as the primary credential; that matches the marketplace functionality and is proportionate.
Persistence & Privilege
always is false and the skill does not request persistent system-level privileges or modify other skills' configs; autonomous invocation is allowed by default but not excessive here.
Assessment
This skill is internally consistent, but you should only provide a DANUBE_API_KEY if you trust Danube and understand what marketplace tools your agent might run. The key grants the ability to discover and execute user-scoped tools and to create/update your own marketplace artifacts, so: (1) use a least-privilege API key if Danube supports that, (2) prefer the device authorization flow when possible, (3) review and restrict tool-level credentials in the Danube dashboard before executing tools that require additional auth, (4) monitor Danube audit logs and be prepared to revoke the API key if you see unexpected activity, and (5) avoid exposing other service credentials to the marketplace unless you explicitly trust that integration. Since this is instruction-only, nothing is installed locally by the skill itself.

Like a lobster shell, security has layers — review code before you run it.

apisvk97aq4vyd5pgq7dwm9jzgkjzyx80dnrbdanubevk97aq4vyd5pgq7dwm9jzgkjzyx80dnrbintegrationvk97aq4vyd5pgq7dwm9jzgkjzyx80dnrblatestvk97ern85krj359sahky4k81q8n84wzmjmcpvk97aq4vyd5pgq7dwm9jzgkjzyx80dnrbtoolsvk97aq4vyd5pgq7dwm9jzgkjzyx80dnrb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binscurl
EnvDANUBE_API_KEY
Primary envDANUBE_API_KEY

Comments