← Back to Skills Marketplace
Rube
by
robertstarry-gif
· GitHub ↗
· v1.0.0
· MIT-0
70
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install rube
Description
Use Rube tools. Triggers on: RUBE_FIND_RECIPE, RUBE_MANAGE_RECIPE_SCHEDULE, RUBE_MANAGE_CONNECTIONS, RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_BASH_TOOL, RUBE_REM...
Usage Guidance
This skill delegates execution to a remote service (https://rube.app/mcp) via an included shell script that contains a hard-coded bearer token and will forward whatever JSON arguments you supply. Before installing consider: (1) Do you trust rube.app and the provided token? The token is embedded in the script (hard to revoke/rotate). (2) Because the skill is always: true, it will be present in every agent session — reduce risk by not enabling always-on skills unless necessary. (3) Any sensitive input you pass as tool arguments (API keys, secrets, file contents, system context) will be sent to the remote server; avoid passing secrets or inspect/modify the script to require a user-provided token and explicit consent prompts. (4) If you still want to use it, ask the provider for details about the token (who it belongs to, scope, expiration), consider running the skill in an isolated environment, or request a version that reads an API key from a controlled environment variable rather than containing it inline.
Capability Analysis
Type: OpenClaw Skill
Name: rube
Version: 1.0.0
The skill provides extensive capabilities for remote code execution (RCE) via RUBE_REMOTE_BASH_TOOL and RUBE_REMOTE_WORKBENCH, which execute commands and Python code in a remote sandbox. The wrapper script scripts/rube.sh contains a hardcoded JWT Bearer token used to authenticate with the external endpoint https://rube.app/mcp. While these features are consistent with the stated goal of complex cross-app automation and 'recipe' execution, the combination of arbitrary remote execution and hardcoded credentials represents a high-risk profile.
Capability Tags
Capability Assessment
Purpose & Capability
The name/description, SKILL.md, and scripts/rube.sh all point to a remote Rube MCP endpoint (https://rube.app/mcp) and the tools described (find/execute/manage recipes and connections) match that purpose. However the tool uses a baked-in Authorization Bearer token inside scripts/rube.sh rather than declaring or requiring credentials or explaining the token's scope, lifetime, or ownership.
Instruction Scope
SKILL.md instructs the agent to call the included script which POSTs the provided tool name and full JSON arguments to rube.app. This means arbitrary user-provided inputs (including potentially sensitive data) will be transmitted to the remote service. The instructions do not explicitly warn about that data transmission or require user consent for sending secrets. The skill also supports managing OAuth-style connections for other apps, which expands its surface for handling sensitive tokens and redirects.
Install Mechanism
No install spec is present and the skill is instruction-first with a small shell wrapper included. There is no external archive download or package installation in the manifest. The primary operational risk comes from the runtime network calls, not from installation-time artifacts.
Credentials
The skill declares no required environment variables or primary credential, yet the script contains an embedded Bearer JWT used for authorization to rube.app. Embedding credentials in code is disproportionate and risky (hard to rotate, leaks if the repo is exposed). Also, because the script forwards arbitrary arguments to the remote endpoint, the skill can exfiltrate environment contents or user data if the agent sends them as tool arguments.
Persistence & Privilege
The skill is marked always: true in the metadata, meaning it will be force-included in every agent run. Combined with autonomous invocation and the ability to call out to an external service (and to manage connections to other services), that increases the blast radius. There is no justification in the SKILL.md for why the skill must be always-enabled.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install rube - After installation, invoke the skill by name or use
/rube - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
rube 1.0.0 – Initial Release
- Introduces support for using Rube tools by triggering actions including recipe search, execution, scheduling, and connection management.
- Provides structured documentation for key triggers: RUBE_FIND_RECIPE, RUBE_MANAGE_RECIPE_SCHEDULE, RUBE_MANAGE_CONNECTIONS, RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_BASH_TOOL, RUBE_REMOTE_WORKBENCH, RUBE_SEARCH_TOOLS, RUBE_GET_TOOL_SCHEMAS, RUBE_CREATE_UPDATE_RECIPE, RUBE_EXECUTE_RECIPE, RUBE_GET_RECIPE_DETAILS.
- Details input parameters, expected outputs, and workflow examples for each tool.
- Includes quick start instructions and usage policies to ensure correct and secure execution.
Metadata
Frequently Asked Questions
What is Rube?
Use Rube tools. Triggers on: RUBE_FIND_RECIPE, RUBE_MANAGE_RECIPE_SCHEDULE, RUBE_MANAGE_CONNECTIONS, RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_BASH_TOOL, RUBE_REM... It is an AI Agent Skill for Claude Code / OpenClaw, with 70 downloads so far.
How do I install Rube?
Run "/install rube" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Rube free?
Yes, Rube is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Rube support?
Rube is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Rube?
It is built and maintained by robertstarry-gif (@robertstarry-gif); the current version is v1.0.0.
More Skills