ClawHub

Moodle Student Sync

v2.0.0

Sync and summarize student Moodle data including courses, upcoming deadlines, grades, files, and announcements. Use this skill whenever a user asks for Moodl...

0· 13·0 current·0 all-time
by@yerassyl-sailaubay
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Moodle syncing, deadlines, grades, digests) match the required artifacts: Python CLI scripts that call Moodle Web Services and templates/tests. The only required env vars are MOODLE_URL and MOODLE_TOKEN (plus optional MOODLE_USER_ID), which are exactly what a Moodle API client needs.
Instruction Scope
SKILL.md instructs the agent to use Moodle API endpoints, set MOODLE_URL/MOODLE_TOKEN, and run local Python scripts. The instructions and the code only reference Moodle endpoints derived from MOODLE_URL and local files; they do not instruct reading unrelated system files or exfiltrating data to unknown endpoints.
Install Mechanism
There is no remote download/install step; the package is instruction-plus-source and requires only Python and the requests package. No third-party URLs, extract steps, or unusual installers are present.
Credentials
Only MOODLE_URL (instance URL) and MOODLE_TOKEN (primary secret) are required, plus an optional MOODLE_USER_ID. These are proportional and necessary for the declared functionality; no unrelated credentials or system config paths are requested.
Persistence & Privilege
The skill does not request always:true and is user-invocable. It does not modify other skills or system settings. Autonomous model invocation is allowed by default but not combined with any elevated privileges here.
Assessment
This package appears coherent and implements a Moodle REST client plus CLI utilities that use MOODLE_URL and MOODLE_TOKEN to pull your student data. Before installing, ensure: (1) MOODLE_TOKEN is a user-scoped token (not an admin token) and use HTTPS for MOODLE_URL; (2) you trust the skill source (the package lists 'source: unknown'); if you don't fully trust it, review the scripts (they're included) or run them in an isolated environment; (3) revoke the token after use if it's long-lived or shared. The skill sleeps between requests (default 15s) and does not contact any external endpoints other than the Moodle instance you provide.

Like a lobster shell, security has layers — review code before you run it.

educationvk976y33ydjqrjwzgn5xvky3z3d84dv8hlatestvk976y33ydjqrjwzgn5xvky3z3d84dv8hmoodlevk976y33ydjqrjwzgn5xvky3z3d84dv8h

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3
EnvMOODLE_URL, MOODLE_TOKEN
Primary envMOODLE_TOKEN

Comments