ClawHub

Podpoint

v1.0.0

Monitors live status of a Pod Point charger’s connectors A and B, reporting current availability and changes without requiring authentication.

1· 1.6k·2 current·2 all-time
by@zoranjurcevic
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, SKILL.md, skill.json and index.js all describe a Pod Point pod-status watcher that polls https://charge.pod-point.com/ajax/pods/{podId}. No extra capabilities, credentials, or binaries are requested beyond network access, which is required for the stated purpose.
Instruction Scope
SKILL.md and the code limit activity to fetching the Pod Point public status endpoint, parsing connector A/B statuses, and optionally polling until a change or timeout. The instructions and code do not read local files, environment variables, or send data to any endpoint other than the Pod Point endpoint.
Install Mechanism
No install spec is provided (instruction-only with an included index.js). Nothing is downloaded from external URLs and no archive extraction or package installs are declared.
Credentials
The skill declares no required environment variables, credentials, or config paths. The code does not attempt to access undisclosed secrets or unrelated services.
Persistence & Privilege
always is false and the skill does not attempt to modify other skills or system-wide settings. It performs transient polling and returns results; no persistent installation or privileged operations are requested.
Assessment
This skill appears to do exactly what it says: poll Pod Point's public pod-status endpoint for connectors A/B and report availability. Before installing, note that: (1) it will make outbound network requests to https://charge.pod-point.com with whatever podId you supply, so do not pass any secret or private identifier you don't want transmitted; (2) it runs polling loops (configurable interval and timeout) which will generate network traffic while watching; and (3) it assumes a runtime environment with fetch available (Node runtimes older than Node 18 may lack global fetch). No credentials, unknown endpoints, or filesystem access are requested, and there are no signs of obfuscated or malicious behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk976658zq73z3fs7671pkv5jn980dmb3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments