ClawHub

Satgate

v2.0.0

Manage your API's economic firewall from the terminal. Mint tokens, check status, validate tokens, wrap agent commands. The server-side counterpart to lnget.

0· 116·0 current·0 all-time
by@wmattadeen-gif
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (manage API tokens, mint/validate, wrap agent commands) align with the included scripts and SKILL.md. The install script downloads a satgate-cli binary and the configure/health scripts operate on ~/.satgate/config.json — all consistent with the stated purpose.
Instruction Scope
SKILL.md stays on-topic (init, status, mint, token validate, wrap). Important operational detail: 'wrap' starts a local HTTP proxy that injects a bearer token into every outbound request — powerful but consistent with the described functionality. No instructions request unrelated files or credentials.
Install Mechanism
Installer downloads release binaries from GitHub releases (github.com/SatGate-io/satgate-cli), attempts SHA256 verification, and installs to /usr/local/bin (sudo if needed). Using GitHub releases is an acceptable install source; the script will skip verification if SHA256SUMS is unavailable which reduces assurance — user should verify checksums or build from source if concerned.
Credentials
The skill logically needs a SATGATE_API_KEY / SATGATE_CLOUD_URL / SATGATE_TOKEN, and SKILL.md documents these, but the registry metadata lists no required env vars or primary credential. That metadata omission is an inconsistency users should be aware of (the skill will ask for an API key interactively and/or read env vars, and stores it in ~/.satgate/config.json).
Persistence & Privilege
Skill is not always-enabled, does not request elevated platform privileges beyond installing a CLI to a system path (may require sudo), and only writes its own config under the user's home directory. No evidence it modifies other skills or system-wide agent settings.
Assessment
This skill appears to do what it says, but take these precautions before installing: 1) Verify the GitHub repo (SatGate-io/satgate-cli) and release tag match the published project and homepage; 2) Prefer checksum verification or build from source if the install script can't fetch SHA256SUMS; 3) Installing to /usr/local/bin may require sudo — review the binary before executing it; 4) Understand that 'satgate-cli wrap' launches a local HTTP proxy that will inject your SatGate token into all outbound HTTP requests — only run it for trusted agent code and keep API keys/tokens private; 5) The registry metadata omitted required env var declarations (SATGATE_API_KEY, SATGATE_CLOUD_URL, SATGATE_TOKEN), so expect interactive prompts and a config file at ~/.satgate/config.json (script sets chmod 600). If you have any doubt, inspect or build the satgate-cli binary from source before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk970c020dexj8btb5e9y9vwrj5834bjz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments