ClawHub

Product Data Collection

v1.0.1

Describes product collection task HTTP APIs (create, pick, update, batch-update), task types, statuses, success payload rules, and browser-extension vs dashb...

0· 84·0 current·0 all-time
byChevy@rowin90
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the declared requirements: the skill documents HTTP task endpoints and legitimately needs the API base URL and an auth header. No unrelated services, binaries, or credentials are requested.
Instruction Scope
SKILL.md's runtime instructions are limited to composing the base URL, using PRODUCT_TASK_AUTH for Authorization, and calling specific /task endpoints. It does not instruct reading unrelated files, scanning system state, or sending data to unexpected external endpoints.
Install Mechanism
No install spec and no code files — instruction-only. Nothing is written to disk or downloaded by the skill, minimizing install-time risk.
Credentials
Only two environment variables are required (base URL and auth token), which are directly proportional to the described API interactions. The primary credential (PRODUCT_TASK_AUTH) is appropriate for an Authorization header.
Persistence & Privilege
always is false and the skill is user-invocable with normal autonomous invocation settings. The skill does not request persistent system privileges or modify other skills' configuration.
Assessment
This skill is an instruction-only API spec and appears coherent. Before installing: ensure PRODUCT_DATA_COLLECTION_BASE_URL points to a trusted host and provide a least-privilege PRODUCT_TASK_AUTH token (scope/expiration if possible). Never paste the token into chat or code samples. Confirm the server enforces auth, rate limits, and input validation. Because the skill can be invoked by the agent, review how your agent will call these endpoints (logging, where requests run) to avoid accidental token leakage. If you require stricter control, create a scoped token for the skill and rotate it regularly.

Like a lobster shell, security has layers — review code before you run it.

latestvk9775jdk3p63hsnmnn62ajyaj983s8qz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📦 Clawdis
EnvPRODUCT_TASK_AUTH, PRODUCT_DATA_COLLECTION_BASE_URL
Primary envPRODUCT_TASK_AUTH

Comments