← Back to Skills Marketplace
yangguangzhou

Quote/0

by Jerry Zhou · GitHub ↗ · v1.0.4
cross-platform ⚠ suspicious
653
Downloads
2
Stars
0
Active Installs
5
Versions
Install in OpenClaw
/install quote0
Description
Control MindReset Dot Quote/0 through the local quote0.js script and Dot Developer Platform APIs. Use when the user asks to configure Quote/0, push text/imag...
Usage Guidance
This skill appears internally consistent and implements exactly what it claims: a Node CLI that calls the Dot Open API using your DOT_API_KEY and DOT_DEVICE_ID. Before installing/using it: - Only provide the API key and device id you intend to use. Prefer the single-command (--apiKey) or temporary env methods the SKILL.md recommends rather than persisting keys in shell rc files. - Do not pass sensitive local file paths to --imageFile; the script will read and upload whatever path you supply. Avoid pointing it at private keys, configuration files, or other secrets. - The CLI communicates over HTTPS to https://dot.mindreset.tech; trustworthiness of that service is outside this review. If you don't trust the service, do not supply real credentials. - If you want extra caution, review quote0.js locally (it is short and readable) before running. You can also create an API key with limited scope or revoke it later if needed. Confidence in this assessment is high because the source code and instructions are present, readable, and align with the declared purpose.
Capability Analysis
Type: OpenClaw Skill Name: quote0 Version: 1.0.4 The skill is designed to interact with a specific API, and the `quote0.js` script primarily performs its stated function. However, the `image` command in `quote0.js` allows reading any local file specified by `--imageFile` and uploading its base64 content to the remote API. While the script includes strict validation to ensure the file is a PNG (checking both extension and magic bytes), this still represents a risky capability. An AI agent could potentially be prompted to upload a sensitive PNG file (e.g., a screenshot containing confidential information) from an arbitrary location on the filesystem. The `SKILL.md` file explicitly warns against passing sensitive file paths to `--imageFile`, acknowledging this potential risk, which contributes to the 'suspicious' classification rather than 'benign' due to the inherent data leakage risk if misused.
Capability Assessment
Purpose & Capability
Name/description, SKILL.md, package.json, and quote0.js all consistently implement a CLI that calls dot.mindreset.tech Open APIs to list devices, push text/images, and query status. Required binaries (node) and env vars (DOT_API_KEY, DOT_DEVICE_ID) match the described functionality.
Instruction Scope
Runtime instructions limit actions to running the local quote0.js CLI and supplying API key/device id. The script only reads the filesystem when the user explicitly passes --imageFile (it verifies PNG magic and size). The SKILL.md warns not to point --imageFile at sensitive paths. There are no instructions to read other system files, shell history, or unrelated environment variables.
Install Mechanism
This is an instruction-only skill with included source files and no install spec or network downloads. Nothing is written to disk by an installer step and no external archives or third-party packages are pulled during install.
Credentials
The skill requests only DOT_API_KEY and DOT_DEVICE_ID (primaryEnv DOT_API_KEY). Those are the exact credentials needed to authenticate to the documented API endpoints; no unrelated secrets or system credentials are requested.
Persistence & Privilege
always is false and the skill does not request or modify other skills or system-wide agent settings. disable-model-invocation is default (agent may invoke autonomously) — this is normal and not combined with other risky flags here.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install quote0
  3. After installation, invoke the skill by name or use /quote0
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.4
Add openclaw metadata (requires.env + primaryEnv) to align registry credential/env declarations
v1.0.3
Harden image upload: remove bypass flag, require PNG extension+magic, add 5MB limit
v1.0.2
Declare required env vars in metadata; wording update in SKILL.md
v1.0.1
Security hardening + cross-platform docs + remove absolute path leakage
v1.0.0
Initial public release: full Dot Open API support (text/image/devices/status/next/list), env-based credential config, and first-time setup guide.
Metadata
Slug quote0
Version 1.0.4
License
All-time Installs 0
Active Installs 0
Total Versions 5
Frequently Asked Questions

What is Quote/0?

Control MindReset Dot Quote/0 through the local quote0.js script and Dot Developer Platform APIs. Use when the user asks to configure Quote/0, push text/imag... It is an AI Agent Skill for Claude Code / OpenClaw, with 653 downloads so far.

How do I install Quote/0?

Run "/install quote0" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Quote/0 free?

Yes, Quote/0 is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Quote/0 support?

Quote/0 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Quote/0?

It is built and maintained by Jerry Zhou (@yangguangzhou); the current version is v1.0.4.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments