ClawHub

Skill Openclaw Library Monitor

v1.0.1

Monitor library book availability and get notified when books become available for borrowing. Supports Shenzhen Library and extensible for other libraries.

0· 295·0 current·0 all-time
byShuai YUAN@yszheda
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description align with code and runtime instructions: the package implements book management, a Shenzhen library scraper, scheduled checks, and notifications. Declared permissions (network, filesystem, shell) are appropriate for scraping, storing book_list.json, and running the CLI.
Instruction Scope
SKILL.md directs the agent to run Python CLI commands (main.py add/list/check/remove/toggle/monitor). The runtime instructions and code operate on local config.yaml/book_list.json and the Shenzhen library API; they do not instruct reading unrelated system files or environment secrets.
Install Mechanism
No installation script is provided (instruction-only install), and included code uses standard Python packages. requirements.txt lists commonly used libraries; there are no downloads from untrusted URLs or archive extraction steps.
Credentials
The skill does not require environment variables. It does use an on-disk config.yaml that can contain SMTP credentials (sender/password) for email notifications — this is proportionate to the email notification feature but is a sensitive local secret the user must supply and protect.
Persistence & Privilege
always is false and the skill does not attempt to modify other skills or global agent settings. It persists its own data to local book_list.json and relies on config.yaml as expected.
Assessment
This skill appears to do what it says. Before installing or running it: 1) Review and create config.yaml yourself if you enable email notifications — the SMTP password is stored in that file (treat it as a secret and keep it local). 2) Install the listed Python dependencies in an isolated environment (virtualenv) and run the monitor from a user-controlled directory so book_list.json and config.yaml are kept where you expect. 3) Choose a reasonable scheduler interval to avoid overloading the library API. 4) If you want extra assurance, inspect the included files (library_scraper.py and notifier.py) yourself or run the code in a sandboxed environment; there are no hidden network endpoints or obfuscated behaviors found in the source.

Like a lobster shell, security has layers — review code before you run it.

latestvk97abm35g2pafkqn8hb4hbnx6182cjt8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments