ClawHub

Overseerr

v0.1.0

Request movies/TV and monitor request status via the Overseerr API (stable Overseerr, not the beta Seerr rewrite).

2· 2.2k·9 current·9 all-time
by@j1philli
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description -> required binaries/env vars -> code all align: the scripts call only the Overseerr API (OVERSEERR_URL) and use the supplied OVERSEERR_API_KEY. No unrelated services, credentials, or OS-level resources are requested.
Instruction Scope
SKILL.md instructs running the provided Node scripts; the scripts only read the declared env vars, call the Overseerr API under /api/v1, and output JSON. The monitor script polls indefinitely and prints changes to stdout (expected behavior for a monitor). There are no instructions to read other files, credentials, or send data to external endpoints beyond OVERSEERR_URL.
Install Mechanism
No install spec; this is essentially an instruction+script bundle that requires the node binary. Nothing is downloaded from external URLs or written to arbitrary locations during install.
Credentials
Only OVERSEERR_URL and OVERSEERR_API_KEY are required (API key is declared as primary). This matches the API usage in the code and is proportionate; no extraneous SECRET/TOKEN/PASSWORD env vars are requested.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide settings. It can be invoked autonomously (platform default), which is expected for skills that make API calls — nothing here escalates privileges or requests permanent presence.
Assessment
This skill appears to do exactly what it claims: run Node scripts that communicate with your Overseerr instance using OVERSEERR_URL and OVERSEERR_API_KEY. Before installing: (1) only provide an API key that you trust — limit its privileges if possible; (2) run the scripts in an environment with a reasonably recent Node (fetch API used); (3) be aware the monitor script polls indefinitely and will make repeated requests to your Overseerr URL; (4) verify the skill source if you require provenance (the registry owner is listed but source is “unknown”). Otherwise the code looks straightforward and coherent with the described purpose.

Like a lobster shell, security has layers — review code before you run it.

latestvk9759kevkyrj03wjf0n9cgxwxx7z4q5w

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🍿 Clawdis
Binsnode
EnvOVERSEERR_URL, OVERSEERR_API_KEY
Primary envOVERSEERR_API_KEY

Comments