ClawHub

TestFlight Seat Monitor

v1.0.1

Monitor available TestFlight beta slots with smart app lookups and silent batch checking. Get alerted when slots open up.

0· 647·0 current·0 all-time
byJon Newton@jon-xo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (monitor TestFlight seats) align with what the skill does: curl pages, parse HTML, map codes→names from a bundled/community lookup, and track state. The included scripts and JSON lookup file are appropriate for this function. Minor note: SKILL.md says user-specific batch-config.json is not shipped, but the repo contains a non-empty config/batch-config.json (example with one Reddit URL) — functional but a small documentation inconsistency.
Instruction Scope
Runtime instructions and SKILL.md direct the agent to run the included shell scripts, manage local config files, and optionally schedule a cron job in an isolated target. The scripts only read/write files inside the skill directory (config/*.json, batch-state.json) and fetch public pages (testflight.apple.com) and a README on raw.githubusercontent.com for the lookup update. They do not access unrelated system files or external endpoints beyond these public hosts.
Install Mechanism
No install spec is provided (instruction-only install via cloning or clawhub). All code is in plain shell scripts stored in the skill directory; nothing downloads or executes arbitrary archives from unknown hosts at install time. update-lookup.sh fetches a known raw GitHub README (pluwen/awesome-testflight-link), which is expected for updating the lookup table.
Credentials
The skill requests no environment variables or credentials. It relies on common CLI tools (curl, jq, bash) which are justified for HTTP fetching and JSON processing. No secrets are requested or accessed.
Persistence & Privilege
always:false and default model invocation settings are used. The skill persists only its own config and state files under its skill directory (config/batch-config.json, config/batch-state.json, config/testflight-codes.json). It does not modify other skills, system settings, or global agent configuration.
Assessment
This skill appears to do what it says: it checks TestFlight pages and keeps a local state to only notify when slots open. Before installing, consider: 1) Dependencies — ensure curl, jq and bash are available. 2) Network access — the tool fetches testflight.apple.com pages and the awesome-testflight-link README on raw.githubusercontent.com when updating the lookup table; if you have network restrictions, expect those calls. 3) Local config — the skill stores monitored URLs and state under the skill folder (config/). Review and edit config/batch-config.json (remove or replace the included example URL) so you only monitor URLs you intend. 4) Cron behavior — scheduled runs will cause periodic outbound HTTP requests; run in an isolated target as suggested if you want to limit blast radius. 5) Trust the lookup source — update-lookup pulls from a public GitHub README and parses it; if you need stricter guarantees, inspect the fetched content before use. No secrets appear to be requested or exfiltrated by these scripts.

Like a lobster shell, security has layers — review code before you run it.

latestvk97eqbac3m1wv7jx5smfmgg9sd81dg43

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎯 Clawdis
OSmacOS · Linux

Comments