ClawHub

OATDA Text Completion

v1.0.5

Generate text using OATDA's unified LLM API. Triggers when the user wants to generate, write, or complete text using a specific LLM provider (OpenAI, Anthrop...

0· 40·0 current·0 all-time
by@devcsde
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (text completion via OATDA) match the declared requirements: curl and jq for making and parsing HTTP calls, OATDA_API_KEY as the primary credential, and ~/.oatda/credentials.json as an alternate key source. No unrelated binaries or credentials are requested.
Instruction Scope
SKILL.md only instructs the agent to read the declared credentials file to resolve the API key, to call the documented OATDA endpoint, and to present responses and minimal token info. It does not ask to read unrelated system files, collect extra environment variables, or send data to unexpected endpoints.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is the lowest-risk install posture: nothing is downloaded or written by an installer.
Credentials
Only OATDA_API_KEY is required and is the declared primary credential. The optional credential fallback (reading ~/.oatda/credentials.json) is declared in metadata and is proportional to the skill's purpose.
Persistence & Privilege
always is false and the skill doesn't request elevated or permanent system-wide privileges. No modifications of other skills or system configs are instructed.
Assessment
This skill appears coherent: it only needs your OATDA_API_KEY (or will read it from ~/.oatda/credentials.json) and uses curl/jq to call the OATDA API. Before installing, verify you trust the OATDA service and that the homepage (https://oatda.com) is correct. Be aware that whoever has the API key can make requests that may incur charges and see prompts/responses — do not provide highly sensitive secrets to prompts. The skill's SKILL.md explicitly avoids printing the full key, which is good. If you prefer stricter control, keep the skill user-invocable (not always enabled) and consider using a key with limited scope or billing limits. If you see unexpected requests to other endpoints or extra environment variables later, revoke the API key and investigate.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d070nqqecxa4xxrk7w5hjnn845bhh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

💬 Clawdis
Binscurl, jq
EnvOATDA_API_KEY
Config~/.oatda/credentials.json
Primary envOATDA_API_KEY

Comments