Chainletter CredCLI
v0.2.4
Use this skill whenever the user wants to generate certificates, credentials, diplomas, badges, or any kind of mail-merged document using CredCLI. Triggers i...
by @ntbooks
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw verdict: Benign (medium confidence)
Purpose & Capability
The name/description (CredCLI / Chainletter credential generation and mail-merge) matches the instructions: install the credcli npm package, register a Chainletter token, render per-row PDFs/PNGs, upload, stamp, and email. There are no unrelated environment variables or unrelated binaries requested.
Instruction Scope
The SKILL.md directs the agent to install and run credcli commands that will write files, upload them to Chainletter/IPFS, and perform irreversible blockchain stamping. It also requires network access to specific domains and recommends changing a domain allowlist (even suggesting 'All'). The guide instructs non-interactive use (--yes) which will bypass confirmation and cause automated uploads/stamps in sandboxed/non-TTY environments — this is functionally coherent but operationally risky if the agent acts without explicit human confirmation.
Install Mechanism
There is no registry install spec; the SKILL.md instructs running npm install -g @credcli/cli into a user-local prefix and modifying PATH. Installing an external npm package at runtime is typical for a CLI-based skill, but the package origin/publisher is not validated in the manifest. The installation modifies user PATH and writes files to the home directory (~/.npm-global), which is a non-negligible change.
Credentials
No environment variables are declared in the registry, and the skill obtains credentials via an interactive 'credcli register' step (Chainletter token). Requiring a Chainletter token is proportional to the stated purpose. However, the guide also asks admins to adjust domain allowlists (even to 'All'), which is broader than strictly necessary and increases exposure if applied globally.
Persistence & Privilege
The skill is not force-included (always:false) and uses normal autonomous invocation defaults. The main risk is operational: the instructions encourage non-interactive commands (--yes) and irreversible 'stamp' operations. If you allow autonomous agent invocation, the agent could upload and irrevocably blockchain-stamp documents without further human confirmation — this increases blast radius but is consistent with the tool's purpose.
Assessment
This skill appears to do what it says (generate, upload, and blockchain-stamp credentials), but it requires installing an external npm package, a Chainletter account/token, and network access to Chainletter/Clstamp domains. Important things to consider before installing or allowing the agent to use it:
1) Verify the @credcli/cli npm package and its publisher before running the global install; prefer installing in an isolated environment or reviewing the package source.
2) The workflow includes non-interactive 'send --yes' and 'stamp' commands that will upload files and perform irreversible blockchain stamping; require an explicit human confirmation step before those commands run.
3) Avoid changing an allowlist to 'All' unless you understand the broader network implications; instead add only the required domains if possible.
4) Be cautious about where the Chainletter token is stored after 'credcli register' and who or what has access to it; the token scopes tenant/group access.
5) If you do not want the agent to perform uploads/stamps autonomously, disable autonomous invocation for this skill or require manual approvals.
If you want a safer test, run everything locally with dummy data and review outputs before issuing real sends/stamps.
