Capawesome Cloud
v1.0.0Guides the agent through setting up and using Capawesome Cloud for Capacitor apps. Covers three core workflows: (1) Native Builds — cloud builds for iOS and...
⭐ 0· 69·0 current·0 all-time
byRobin Genz@robingenz
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (native builds, live updates, app store publishing) match the included SKILL.md and reference files. All CLI commands and file types (.p12, .mobileprovision, .jks, Apple .p8 keys, Google service account JSON, etc.) are relevant to building, signing, uploading bundles, and publishing mobile apps.
Instruction Scope
Instructions tell the agent to run standard tooling (npx @capawesome/cli, asc, keytool, openssl, npm, cap sync) and to read or upload signing artifacts and API keys. These actions are appropriate for the workflows described, but they involve sensitive local files (private keys, keystores, provisioning profiles) and CLI authentication steps — the user should understand they must supply and manage these secrets locally or in their CI. The skill does not instruct the agent to read unrelated system files or secrets.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. No packages are automatically downloaded or written to disk by the skill itself — the risk surface is limited to the CLIs the user elects to run.
Credentials
The skill declares no required environment variables, which is reasonable for an instruction-only guide. The procedures, however, legitimately reference environment variables and secrets used by Capawesome Cloud builds and CI (NPM tokens, JAVA_VERSION, certificate passwords, Apple API keys, Google service account keys). Requesting these artifacts is proportionate to the described tasks, but users should be aware they will need to provide sensitive credentials/secrets to the Capawesome CLI or Capawesome Cloud per the documented commands.
Persistence & Privilege
The skill does not request persistent privileges (always:false). It does not modify other skills or system-wide agent settings; it only provides procedural instructions for interacting with external services and local files.
Assessment
This skill is a procedural guide for Capawesome Cloud and appears coherent with that purpose. It will instruct you to run CLIs and to create/provide sensitive artifacts (Apple .p8/.p12, provisioning profiles, Android keystores, Google service-account JSON, CI tokens, and keystore/passwords). Before proceeding: (1) Verify you trust the skill source (the SKILL.md includes a GitHub URL; consider inspecting that repo yourself). (2) Do not paste secrets into chat; use the official Capawesome Cloud console or CI secret stores. (3) When you run any CLI commands (npx @capawesome/cli, asc, openssl, keytool), ensure you install those CLIs from their official sources (npm or upstream repos) and review their help output. (4) Be careful with ad-hoc environment variables (they warned these may appear in build logs) and prefer encrypted secrets for CI. (5) If you have doubts about a particular step (for example uploading a private key to an unfamiliar endpoint), confirm the official Capawesome Cloud console domain (console.cloud.capawesome.io) and verify you're interacting with that service before uploading credentials.Like a lobster shell, security has layers — review code before you run it.
latestvk977kkerjn572fkjh9qntat1e583hga4
License
MIT-0
Free to use, modify, and redistribute. No attribution required.