Flickr Claw

v1.5.0

Access Flickr with user-supplied local API credentials and OAuth tokens, verify authorization, export recent-upload or album metadata, download recent or alb...

⭐ 0· 93·0 current·0 all-time

byStanislav Stankovic@stanestane

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/description (Flickr auth, export, download, edit metadata) match the included Python script and README. The script performs Flickr OAuth, API reads/writes, album listing, CSV export, and image download — all consistent with the stated capability.

✓

Instruction Scope

SKILL.md instructs the agent to read/write local Flickr credential and token files, call Flickr OAuth and REST endpoints, and optionally download images locally or perform write actions. It does not instruct collection of unrelated system files or transmission to third-party endpoints beyond Flickr.

✓

Install Mechanism

No install spec is provided (instruction-only with bundled script). The skill relies on the user having Python and the requests-oauthlib package; nothing is downloaded from third-party URLs or installed automatically.

ℹ

Credentials

The skill uses local credential and token files under ~/.openclaw (api_key/api_secret and request/access token files), which is appropriate for Flickr integration. However, the registry metadata did not declare the required config path or list Python/requests-oauthlib as a requirement — a minor metadata omission the user should be aware of. The script stores tokens locally and requires user-supplied write-capable tokens for edits; those are sensitive and proportional to the feature set.

✓

Persistence & Privilege

always:false and no system-wide configuration changes. The script writes only its own credential/request/access token files under the user's home ~/.openclaw directory and output CSVs/downloads to the current working directory (or specified out/out-dir). It does not modify other skills or global agent settings.

Assessment

This skill appears to do what it says: it uses local Flickr API credentials and OAuth tokens to read/export/download and optionally edit metadata. Before using it: (1) review the bundled Python script yourself (or with someone you trust) before running, especially if you plan to perform write operations; (2) keep your Flickr api_key/api_secret and access-token files in a safe location (the script stores them under ~/.openclaw) and do not share them; (3) the registry metadata omitted declaring the required credentials file and the need for Python + requests-oauthlib — make sure you have those and point token files to the expected paths or use flags to override; (4) prefer read-only tokens for exports and only mint write tokens when you intend to edit tags/titles/descriptions; and (5) delete downloaded image copies when you no longer need them. If you want higher assurance, run the script in a sandboxed environment or inspect the full script logic for any changes before granting write permission.

Like a lobster shell, security has layers — review code before you run it.

latestvk97807ejhbpxj332cpe93z76ah83gsdp

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Flickr Claw

License

Comments