ClawHub

Web Page API

v1.0.4

Analyze Web Page workflows with JustOneAPI, including hTML Content, rendered HTML Content, and markdown Content.

0· 27·1 current·1 all-time
by@justoneapi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill is a thin wrapper around JustOneAPI web-page endpoints. It only requires node and JUST_ONE_API_TOKEN, which are appropriate for performing authenticated API GET requests to the declared base URL.
Instruction Scope
SKILL.md and bin/run.mjs limit actions to selecting an operation, validating parameters, and performing an HTTP GET to https://api.justoneapi.com. The skill does not read other files or environment variables. Note: the implementation places the token in the query string (token query parameter) because the API surface defines it that way — this can expose the token in logs or referer headers.
Install Mechanism
There is no install spec; the skill is instruction-only with a small JS helper (bin/run.mjs). No external downloads or package installations are performed by the skill itself.
Credentials
Only JUST_ONE_API_TOKEN is required and declared as the primary credential, which is proportionate to the stated task. However, the token is sent as a URL query parameter (per API design) — this is expected for this skill but increases risk of token exposure via logs, proxy captures, or referer headers compared with header-based auth.
Persistence & Privilege
always is false and the skill does not modify other skills or system configuration. It does not request permanent presence or elevated system privileges.
Assessment
This skill appears coherent and limited to calling JustOneAPI endpoints, but before installing: (1) keep JUST_ONE_API_TOKEN secret and consider using a scoped/limited token; (2) be aware the token is sent in the URL (query param) which may be logged or leaked via referer headers — prefer header-based auth if the API supports it; (3) verify you trust https://api.justoneapi.com and review the token's permissions; (4) confirm node is available in the runtime environment; (5) note the agent may call this skill autonomously (platform default) so ensure you're comfortable the agent can make requests to JustOneAPI using the provided token.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bx1b3q1dh2qpjvgatz1epm18484dy

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsnode
EnvJUST_ONE_API_TOKEN
Primary envJUST_ONE_API_TOKEN

Comments