ClawHub

Freedcamp Project Management

v1.0.0

Manage Freedcamp tasks, projects, groups, comments, notifications, and task lists via HMAC-SHA1 API credentials.

2· 1.4k·0 current·0 all-time
by@agrublev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the code and SKILL.md: the scripts implement a Freedcamp CLI using FREEDCAMP_API_KEY and FREEDCAMP_API_SECRET and call only the Freedcamp API (https://freedcamp.com/api/v1). No unrelated services, binaries, or credentials are requested.
Instruction Scope
SKILL.md instructs only Freedcamp-related workflows (session discovery, tasks, comments, notifications) and how to provide credentials. The runtime instructions and example commands match the implementation. The docs recommend storing credentials in OpenClaw config and show how to set/unset them.
Install Mechanism
No install spec; this is effectively instruction-only plus included Node.js scripts. That minimizes install-time risk. The code is dependency-free and uses only Node standard libs. No external downloads or archive extraction are present.
Credentials
The only required environment variables are FREEDCAMP_API_KEY and FREEDCAMP_API_SECRET (primary credential declared as FREEDCAMP_API_KEY), which are exactly what a Freedcamp API client needs. No unrelated SECRET/TOKEN variables or extra credentials are requested. The scripts read these env vars and nothing else sensitive.
Persistence & Privilege
The skill caches session data to a file in the user's home (~/.openclaw/skills/freedcamp-session.json by default). This is expected for session reuse but means session tokens are persisted on disk and should be protected. always is false and disable-model-invocation is false (agent-autonomy is normal); the skill does not change other skills or system settings.
Assessment
This skill appears to do what it says: a dependency-free Freedcamp CLI that needs your Freedcamp API key and secret. Before installing, consider: 1) Protect your API_KEY and API_SECRET—the skill reads them from environment variables and will use them to act on your Freedcamp account. 2) The tool caches session tokens to ~/.openclaw/skills/freedcamp-session.json (or a path you set via FREEDCAMP_SESSION_PATH); treat that file as sensitive and remove it if you stop using the skill. 3) The included demo script will load a .env file if present and spawn the CLI (so do not keep secrets in repo files you don't want read). 4) Review and run the scripts in a safe environment (or inspect the code) before granting credentials. If you need the skill to run only interactively, avoid putting credentials in long-lived OpenClaw config entries or world-readable files.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d2x6sd2mbkk63j8qthqw9bn80ztxr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvFREEDCAMP_API_KEY, FREEDCAMP_API_SECRET
Primary envFREEDCAMP_API_KEY

Comments