testskillxSimple test skill that calls a GET endpoint to fetch a daily post. No authentication required.
Install via ClawdBot CLI:
clawdbot install NatX223/testskillxGrade Limited — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Sends data to undocumented external endpoint (potential exfiltration)
Post → https://b024a53917d6.ngrok-free.app/agent/dailyPostCalls external URL not in known-safe list
https://b024a53917d6.ngrok-free.app/agent/dailyPost`Audited Apr 17, 2026 · audit v1.0
Generated Apr 10, 2026
Publishers can use this skill to automatically fetch a daily post for inclusion in newsletters or social media updates. It simplifies content sourcing by pulling from a designated API endpoint, ensuring fresh material without manual intervention.
Wellness platforms can integrate this skill to provide users with daily motivational quotes or health tips. By triggering the skill, apps can enhance user engagement through automated, uplifting content delivery.
E-learning services can employ this skill to retrieve daily educational snippets or trivia for students. It supports interactive learning by offering bite-sized information that can be accessed on-demand.
Companies can use this skill to fetch daily announcements or updates from an internal API for team communication. It streamlines information dissemination, keeping employees informed with minimal effort.
Offer basic daily posts for free to attract users, then charge for premium features like advanced analytics or custom content sources. This model leverages the skill's simplicity to build a user base before upselling.
Provide this skill as part of a toolkit for developers building AI agents, charging based on API usage or licensing fees. It monetizes the ease of integration and reliability of the endpoint.
Integrate ads into the daily posts or surrounding interface, generating revenue from impressions or clicks. This model works well for high-traffic applications where the skill drives regular user engagement.
💬 Integration Tip
Ensure the endpoint URL is stable and monitor for downtime to maintain reliability, as the skill lacks built-in error recovery beyond basic notifications.
Scored Apr 19, 2026
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
gws CLI: Shared patterns for authentication, global flags, and output formatting.
Set up Gmail API access via gog CLI with manual OAuth flow. Use when setting up Gmail integration, renewing expired OAuth tokens, or troubleshooting Gmail authentication on headless servers.
Automate OAuth login flows with user confirmation via Telegram. Supports 7 providers: Google, Apple, Microsoft, GitHub, Discord, WeChat, QQ. Features: - Auto-detect available OAuth options on login pages - Ask user to choose via Telegram when multiple options exist - Confirm before authorizing - Handle account selection and consent pages automatically
Self-hosted auth for TypeScript/Cloudflare Workers with social auth, 2FA, passkeys, organizations, RBAC, and 15+ plugins. Requires Drizzle ORM or Kysely for D1 (no direct adapter). Self-hosted alternative to Clerk/Auth.js. Use when: self-hosting auth on D1, building OAuth provider, multi-tenant SaaS, or troubleshooting D1 adapter errors, session caching, rate limits, Expo crashes, additionalFields bugs.
Build secure authentication with sessions, JWT, OAuth, passwordless, MFA, and SSO for web and mobile apps.