ClawHub

Eigen AI Terminal — Live Intelligence for Agents

v1.1.1

Daily-updated intelligence on what's happening across 16 areas of AI. 12 tools your agent uses to deliver only the signals, trends, and developments that mat...

1· 151·1 current·1 all-time
by@shawkatdidar
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description promise live AI intelligence and the code implements tools (today, about, ripple, etc.) that fetch data from terminal.clawlab.dev and format it for briefs. Required binary is 'node', which matches the implementation. Nothing requested or implemented appears unrelated to delivering read-only intelligence from the stated domain.
Instruction Scope
SKILL.md gives precise instructions to fetch and present signals and explicitly forbids supplementing responses with model training knowledge. The runtime (index.js) only fetches public endpoints on terminal.clawlab.dev and has a stubbed readLocalFile returning null; it does not read arbitrary local files, access system credentials, or transmit data to other endpoints.
Install Mechanism
There is no install spec (instruction-only in registry), but the package includes index.js which imports external Node packages (@modelcontextprotocol SDK and zod). The skill declares 'node' as a required binary but does not declare npm dependencies or an install step. This is likely an operational oversight (runtime must provide those packages) rather than malicious, but it is worth verifying the execution environment will supply the required modules.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The code uses only public HTTPS fetches to terminal.clawlab.dev and does not read env vars or secrets. This is proportionate to the stated purpose.
Persistence & Privilege
Skill flags: always:false and normal autonomous invocation allowed (platform default). The skill does not request persistent system-wide configuration changes and does not appear to modify other skills' settings. Running it will launch an MCP server (expected for a tool) but that is within its stated function.
Assessment
This skill appears to do what it says: fetch public JSON/wiki from terminal.clawlab.dev and present signals without requesting secrets. Before installing, check: 1) whether you trust the data host (https://terminal.clawlab.dev), since the skill fetches all content from there; 2) that your agent runtime provides the Node packages imported by index.js (@modelcontextprotocol SDK and zod) or that you can add them, because no install/dependency manifest is included; and 3) that you are comfortable the skill will run an MCP server (it exposes tools the agent can call). If you need extra assurance, review the referenced repository (https://github.com/shawkatdidar/eigen-ai-terminal) and confirm there are no additional network endpoints or hidden behaviors in the full source. Absence of scan findings is not a guarantee of safety — the main operational risk here is missing dependency declarations and trusting the remote data host.

Like a lobster shell, security has layers — review code before you run it.

latestvk972mr1q9kyysk2jyb7zqdhjys84gbhn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsnode

Comments