ClawHub

Curl Http

v1.0.0

Essential curl commands for HTTP requests, API testing, and file transfers.

5· 5.2k·53 current·57 all-time
by@arnarsson
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description present a curl HTTP client guide and the SKILL.md contains curl commands and examples — what it claims to do matches what it instructs. Minor metadata mismatch: SKILL.md metadata lists requires bins:["curl"] while the registry metadata above lists no required binaries.
Instruction Scope
The instructions are focused on making HTTP requests and file transfers with curl. They include examples that reference local files (e.g., @data.json, client.key, cookies.txt) and show how to include credentials (basic auth, headers, API keys in URL) and insecure options (-k, API keys in query). These are relevant to curl usage but can encourage insecure practices or cause local file access if the agent executes them — the examples are expected for a curl guide but warrant caution.
Install Mechanism
No install spec and no code files — lowest-risk instruction-only skill. Nothing will be downloaded or written to disk by installing the skill.
Credentials
The skill declares no required environment variables or credentials. The examples show how to supply auth credentials for target services (normal for HTTP client documentation) but there is no request for unrelated secrets.
Persistence & Privilege
always:false and normal model invocation settings. The skill can be invoked autonomously (platform default), which means an agent could run curl commands when it decides to use this skill — this is expected for an instruction skill of this type.
Assessment
This skill is essentially a curl command reference and looks coherent. Before using it, note: (1) it contains examples that place credentials on the command line or in URLs and uses -k — these can leak secrets via shell history, process lists, or network logs; avoid those patterns in production. (2) Some examples reference local files (client keys, cookies, @data.json) — if the agent executes commands it may read local files you specify. (3) There's a small metadata inconsistency about declaring the curl binary requirement. If you plan to let the agent run commands, ensure you trust it with network access and do not store secrets in CLI arguments or query strings; prefer protected files, headers, or secure credential stores.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e6fdxv6nbg7t5c5qdqmd0m1804wf6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🌐 Clawdis
Binscurl

Comments