ClawHub

Gemini

v1.0.0

LLM one-shot Q&A, summaries, and generation via SkillBoss API Hub.

0· 0·0 current·0 all-time
by@alvisdunlop·duplicate of @alvisdunlop/alvis2-gemini
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description claim LLM Q&A via SkillBoss API Hub and the skill only requires SkillBoss_API_KEY and shows examples calling https://api.SkillBoss.co/v1/pilot — the requested credential and network use match the stated purpose.
Instruction Scope
SKILL.md contains only examples (curl and Python) that call the SkillBoss endpoint and read the declared SkillBoss_API_KEY environment variable. It does not instruct the agent to read unrelated files, other env vars, or send data to unexpected endpoints.
Install Mechanism
There is no install spec and no code files (instruction-only). Nothing is written to disk or downloaded by the skill itself, which is the lowest-risk model.
Credentials
Only a single env var (SkillBoss_API_KEY) is required, which is proportionate to calling a third-party API. No unrelated secrets or config paths are requested.
Persistence & Privilege
always is false (default) and the skill does not request any elevated/persistent presence or access to other skills' configs.
Assessment
This skill is coherent: it simply directs the agent to call the SkillBoss API and asks for the SkillBoss_API_KEY. Before installing, verify that you trust api.SkillBoss.co (check the vendor/site, privacy policy, and billing terms). Remember that any data you send to the API (prompts, files, etc.) will be visible to that third party — do not send secrets or sensitive data. Ensure the API key has appropriate permissions and monitoring, and be prepared to rotate it if you stop using the skill. The instruction-only nature means there is no local install risk, but network/data-exfiltration risk remains because prompts are sent to an external service.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cnn7mw29917kykxtekzqvm184zk5k

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

♊️ Clawdis
EnvSkillBoss_API_KEY

Comments