ClawHub

Blank Files Gateway

v1.0.0

Use blankfiles.com as a binary test-file gateway: discover formats, filter by type/category, and return direct download URLs from the public API.

0· 621·0 current·0 all-time
by@seblavoie·duplicate of @seblavoie/filearchitect-blankfiles
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name, description, and runtime instructions align: the skill only needs to query blankfiles.com API and return file metadata/URLs. There are no extra binaries, env vars, or unrelated requirements declared.
Instruction Scope
SKILL.md is narrowly scoped to calling the listed API endpoints, returning files[].url, and verifying availability. This is read-only and matches the described purpose. Note: verifying availability implies making HTTP requests and returning URLs that point to third-party CDNs (example: jsdelivr). The guardrails forbid fabrication and shell execution, which reduces risk, but the instructions allow the agent to fetch or resolve remote resources.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. References include optional clawhub publish commands, but these are documentation only and not part of runtime behavior.
Credentials
No environment variables, credentials, or config paths are requested. The skill's external network access is limited to the listed public API/CDN, which is proportionate to its purpose.
!
Persistence & Privilege
The skill sets always:true (force-included in every agent run) without justification. That gives it broad presence and increases the chance of autonomous, repeated network calls and exposure of agent activity to external hosts. Most read-only connector skills do not need always:true; user-invocable-only or standard invocation is more appropriate.
What to consider before installing
This skill appears to do what it says: query blankfiles.com and return direct download URLs for blank binary test files. However, it is configured with always:true which forces the skill to be present in every agent session — increasing autonomous outgoing network activity and exposure to external CDNs. Before installing, consider: 1) Do you trust blankfiles.com and the CDNs referenced (e.g., jsdelivr)? 2) Do you want the skill to be force-enabled, or would you prefer it be user-invocable only? 3) Confirm the agent will only return URLs and not auto-download or execute returned files. If you want to be cautious: disable always:true, install as user-invocable only, or test the endpoints manually (GET https://blankfiles.com/api/v1/status and /api/v1/files) to verify response shapes and that file URLs point to reputable hosts.

Like a lobster shell, security has layers — review code before you run it.

latestvk974x2c5299c9v7y5q2557705d81997m

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments