Ravi login
v2.1.1Sign up for and log into services using your Ravi identity — handles onboarding, forms, 2FA, OTPs, and credential storage. Do NOT use for standalone inbox re...
⭐ 0· 477·0 current·0 all-time
byRaunak Singwi@raunaksingwi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name/description match the runtime instructions: it directs use of the 'ravi' CLI to onboard, create identities, store/retrieve passwords, and read OTPs. Nothing requested or instructed appears unrelated to 'sign up / log in' workflows.
Instruction Scope
Instructions call only the ravi CLI and common shell utilities (jq, awk, grep, sleep). They reference the CLI's local store (~/.ravi/config.json) and show commands to fetch emails/SMS and credentials — expected for this purpose. Note: the skill will cause access to sensitive items (passwords, OTPs, config tokens) via the CLI; this is by design but worth user awareness.
Install Mechanism
Instruction-only skill with no install spec and no code files. No packages or external downloads are requested, minimizing install-time risk.
Credentials
The skill declares no required env vars or credentials, but it depends on the user's ravi CLI configuration (which stores keys in ~/.ravi/config.json). This is proportionate to the stated function, but users should understand that secrets live in that config and will be accessed by the CLI commands shown.
Persistence & Privilege
always is false and the skill contains no install steps that modify other skills or system-wide settings. It instructs use of a CLI that persists its own config, which is normal for an identity helper.
Assessment
This skill is coherent: it is an instruction-only wrapper that tells an agent how to use your locally installed 'ravi' CLI to create identities, store/retrieve passwords, and read OTPs. Before installing or enabling it: (1) confirm you trust the ravi CLI binary and its publisher, since the CLI will hold tokens/keys in ~/.ravi/config.json; (2) restrict agent permissions or review agent prompts if you don't want automated access to stored credentials/OTPs; (3) verify the device-code flow URL shown during login matches the official ravi site; and (4) if you use other ravi-related skills, review their scopes so credentials and inbox access are not unintentionally exposed. If you need a higher-assurance review, provide the ravi CLI source or binary provenance for inspection.Like a lobster shell, security has layers — review code before you run it.
latestvk97byzqnsjpc3w7ep6zs4zqj4984eq77
License
MIT-0
Free to use, modify, and redistribute. No attribution required.