ClawHub

Danube Tools Marketplace

v8.0.12

Connect your AI agent to 100+ services through a single API key — discover, search, and execute tools via MCP

0· 1.5k·2 current·2 all-time
by@danube·duplicate of @preston-thiele/danube (8.0.9)
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description promise (connect to many services via MCP) matches the declared requirements: a DANUBE_API_KEY and curl are exactly what you would expect for calling a remote MCP API.
Instruction Scope
SKILL.md only shows API calls to api.danubeai.com and mcp.danubeai.com, explains a device OAuth flow and how to add the MCP server header, and describes available endpoints. It does not instruct reading unrelated local files or sending data to third-party endpoints.
Install Mechanism
There is no install spec and no code files; this instruction-only skill relies on curl being present. That is low-risk and proportionate to the described functionality.
Credentials
The skill requests a single environment variable (DANUBE_API_KEY), which aligns with purpose. Note: the key grants read, execute, and user-scoped write operations (create/update/delete skills and workflows, register agents). Treat the key as sensitive and avoid reusing it elsewhere.
Persistence & Privilege
always:false (good). The API surface includes agent registration and skill/workflow creation which can give an authenticated user significant capabilities within Danube; because model invocation is permitted by default, consider whether you want the agent to call this skill autonomously.
Assessment
This skill appears coherent and low-risk as an instruction-only integration, but before installing: (1) verify you trust https://danubeai.com and confirm endpoints in their docs; (2) treat DANUBE_API_KEY as a secret — it can execute tools and create/update/delete skills/workflows and register agents, so use a least-privilege or user-scoped key if available; (3) review Danube’s audit logs and dashboard permissions after enabling the skill; (4) if you do not want the agent to call this skill autonomously, disable model invocation for it in your agent settings or require explicit user invocation.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bv7ccw75xjq84xg6pspdbv984e3jr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binscurl
EnvDANUBE_API_KEY
Primary envDANUBE_API_KEY

Comments