ClawHub

Singapore Helper Match

v1.0.1

Search and match available domestic helpers (maids) from Sunrise Link's database in Singapore. Use this skill when the user wants to find, filter, or shortli...

0· 102·0 current·0 all-time
by@meikidd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (searching Sunrise Link helper database) match the included script and docs. The script queries https://www.sunriselink.sg/api/public/v1/helpers and returns structured candidate data — exactly what the skill claims.
Instruction Scope
SKILL.md behavior instructions are scoped to collecting filters from the user, invoking the local search_helpers tool, and presenting results. It explicitly forbids returning PII and instructs forwarding users to the agency site for personal details. The instructions do not ask the agent to read unrelated files or secrets.
Install Mechanism
This is an instruction-only skill with a small included Node script (no install spec, no downloads, zero third-party dependencies). The code runs locally with Node 18+ and uses built-in fetch to call the agency API — no remote installers or extracted archives.
Credentials
The skill requires no environment variables, no credentials, and no config paths. It only uses stdin/argv and outbound HTTPS to the declared Sunrise Link API endpoint, which is proportionate to its purpose.
Persistence & Privilege
always is false and the skill does not request persistent or cross-skill configuration. It can be invoked autonomously (platform default), which is normal; nothing in the skill attempts to modify other skills or agent-wide settings.
Assessment
This skill appears coherent and limited to querying Sunrise Link's public helper API and presenting results. Before installing, verify you trust the skill owner (registry owner ID vs. the Sunrise Link website), confirm the API domain (https://www.sunriselink.sg) is correct, and be aware the tool will make outbound HTTPS requests and print whatever the API returns (the package claims no PII is returned). If you prefer, inspect the small script locally before running to confirm behavior. If you need tighter control, avoid enabling autonomous invocation or run the script only in an environment where network calls are audited.

Like a lobster shell, security has layers — review code before you run it.

latestvk97420119p027knc0g8yaswgd184k9nv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments