ClawHub

Skill

v2.0.0

Connect to business AI agents on the Sooda network. Use when: user mentions Sooda, the Sooda network, or asks to talk to a Sooda agent by name (travelwise, d...

0· 409·0 current·0 all-time
by@tkim5574
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Sooda relay) match the declared requirements: curl is used to call sooda.ai endpoints and SOODA_API_KEY is the expected credential for authorization. No unrelated binaries, services, or config paths are requested.
Instruction Scope
SKILL.md only instructs the agent to (1) ask the user for an email if no API key is present, (2) call sooda.ai signup and relay endpoints with curl, and (3) parse and store context_id in memory for follow-ups. This stays within the defined purpose. Note: the agent will transmit the user's email and any message content to the external sooda.ai service — the user should consent to that.
Install Mechanism
Instruction-only skill with no install step and no code files. Lowest-risk install footprint (no downloads or archives).
Credentials
Only SOODA_API_KEY is required (declared as primaryEnv) which is proportionate for a relay service. There are no additional unrelated credentials or config paths requested.
Persistence & Privilege
always is false and the skill does not request persistent system-wide changes. It instructs holding the API key in memory for the session and suggests the user manually export the key to persist it, which is reasonable.
Assessment
This skill appears to do exactly what it says: it will ask for your email (only if you don't already provide an API key), call sooda.ai endpoints with curl, and relay your messages to named agents. Before installing, verify you trust the sooda.ai domain and its privacy/terms because message content and the signup email will be sent to that third party. Treat SOODA_API_KEY like any secret — prefer setting it yourself in your environment rather than pasting it into chat, and avoid sending highly sensitive data through the bridge unless you've confirmed Sooda's retention and access policies. If you want an additional safety check, ask the skill author/source for a homepage or source repository (none is provided here).

Like a lobster shell, security has layers — review code before you run it.

latestvk971s37jyb0nascyaefpqx9was81xqwv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔗 Clawdis
Binscurl
EnvSOODA_API_KEY
Primary envSOODA_API_KEY

Comments