ClawHub

EVC Team Relay

v1.1.2

Read and write Obsidian notes stored in EVC Team Relay collaborative vault. Use when agent needs to: read note content from a shared Obsidian vault, create o...

0· 342·0 current·0 all-time
byEntire VC@venturecrew
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, required env vars (RELAY_CP_URL, RELAY_EMAIL, RELAY_PASSWORD), and required binaries (curl, jq) all match a small bash-based REST client for the Relay control plane. The scripts implement listing, reading, creating/updating, and deleting files via the described API — nothing unrelated is requested.
Instruction Scope
SKILL.md and the scripts limit actions to HTTP calls to the configured RELAY_CP_URL and local processing with jq/curl. They do not attempt to read arbitrary files or other system credentials. Minor issues: (1) SKILL.md shows a refresh example referencing $REFRESH_TOKEN but the provided auth.sh only prints the access token (not the refresh token), a small documentation mismatch; (2) README suggests putting RELAY_PASSWORD in the OpenClaw JSON config (plaintext storage risk) — this is outside the skill's functional scope but a user-config choice that increases exposure.
Install Mechanism
There is no network download/install step in the registry spec; the package contains bash scripts and a README. Installation is manual copying + chmod as documented. No remote, opaque downloads or extracted archives are used by the skill itself.
Credentials
The skill only requests the Relay control-plane URL, user email, and password — all necessary to obtain a short-lived JWT to operate. This is proportionate to functionality. Caveats: storing RELAY_PASSWORD in agent config (as suggested in README) risks long-lived plaintext credentials; where possible prefer short-lived tokens or a dedicated service account with limited scope.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide config. It runs on demand and uses standard environment variables. Autonomous invocation (disable-model-invocation=false) is the platform default and not a unique privilege here.
Assessment
This skill appears to do exactly what it claims: use curl/jq to call a Relay control-plane to list/read/create/update/delete Obsidian-shared documents. Before installing: (1) verify the RELAY_CP_URL is a trusted control-plane you manage or trust (don't point it at an unknown host); (2) prefer issuing and storing a short-lived RELAY_TOKEN or a limited-scope service account rather than embedding your full user password in OpenClaw config; (3) ensure the OpenClaw config file permissions are restrictive if you must store RELAY_PASSWORD; (4) review the scripts locally (they are small and readable) and test them with a non-sensitive account first; (5) be aware the auth script echoes the access token to stdout (used for env assignment) — treat that token as sensitive. These mitigations reduce credential exposure while allowing legitimate use.

Like a lobster shell, security has layers — review code before you run it.

latestvk972a42qvakb396kkred5jejv58233bd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binscurl, jq
EnvRELAY_CP_URL, RELAY_EMAIL, RELAY_PASSWORD
Primary envRELAY_CP_URL

Comments