← Back to Skills Marketplace
YoinkIt
by
seomikewaltman
· GitHub ↗
· v1.0.8
852
Downloads
3
Stars
3
Active Installs
8
Versions
Install in OpenClaw
/install yoinkit
Description
Search, analyze, and transcribe content across 13 social platforms — trending topics, video transcripts, post metadata, and multi-platform research workflows.
Usage Guidance
Do not install blindly. Key issues: (1) The registry metadata does not list the required YOINKIT_API_TOKEN (and doesn't declare required binaries like curl/jq), but the scripts and SKILL.md clearly require that token and make network requests to https://yoinkit.ai (or a user-set YOINKIT_API_URL). (2) Several example cron jobs instruct the agent to read and update local Obsidian files — the skill does not declare required config paths for that. Before installing, ask the publisher to: publish a homepage/source repo, correct the registry metadata to list YOINKIT_API_TOKEN and required binaries, and explicitly document what local files (if any) the skill will read or write. Verify the yoinkit.ai API domain (and ask for a privacy/data-retention policy). If you proceed, only give the token to the skill after confirming the provider, and avoid scheduling jobs that grant the agent blanket access to sensitive local files or external channels (e.g., Telegram) until you trust the publisher. If you want higher assurance, request the upstream source code repository and confirm that API calls only send the minimal required fields (URLs/ids and not arbitrary local note contents) before enabling automated cron jobs.
Capability Analysis
Type: OpenClaw Skill
Name: yoinkit
Version: 1.0.8
The OpenClaw AgentSkills skill bundle 'yoinkit' is designed for social media content aggregation via the yoinkit.ai API. All shell scripts (`scripts/*.sh`) correctly sanitize user-provided inputs (URLs, queries, handles) using `jq -sRr @uri` before incorporating them into `curl` commands, effectively preventing command injection. The `SKILL.md` and example cron job configurations (`examples/*.json`) contain instructions for the AI agent that are focused on task execution, output formatting, and specific file interactions (e.g., with an Obsidian vault at a defined path), without any evidence of prompt injection attempts to manipulate the agent for malicious purposes like data exfiltration or unauthorized actions. The skill's behavior is fully aligned with its stated purpose.
Capability Assessment
Purpose & Capability
The skill claims to be an OpenClaw integration for multi-platform social research, which fits the included scripts. However the registry metadata lists no required environment variables or credentials, while the SKILL.md and all scripts clearly require YOINKIT_API_TOKEN (and optionally YOINKIT_API_URL). The metadata also claims no required binaries but the scripts assume standard CLI tools (curl, jq). This mismatch between what the skill actually needs and what the metadata declares is incoherent.
Instruction Scope
The SKILL.md and examples instruct the agent to call the Yoinkit API (network requests) and the example cron jobs include operations to read and update local Obsidian vault files (read/write paths like Research/Daily/YYYY-MM-DD-collection.md). The code files themselves operate on arguments and make API calls, but the examples expect the agent to access local files and save results back — that local file access is not declared in required config paths. The agent could therefore transmit local note contents to the external API or other channels if scheduled, which is beyond what's declared.
Install Mechanism
There is no install spec (instruction-only from a registry perspective), which reduces install-time risk. However the package includes multiple shell scripts that will be executed by the agent runtime. No remote downloads or opaque installers are present. The scripts rely on curl and jq but the registry metadata did not declare these required binaries — a mismatch to be corrected but not inherently high-risk.
Credentials
The skill legitimately needs a single service credential (YOINKIT_API_TOKEN) and optionally YOINKIT_API_URL to point at a server, which is proportionate to its stated purpose. But the registry metadata does not declare any required env vars or primary credential, so the required secret is omitted from the declared surface. Additionally, examples and SKILL.md allow YOINKIT_API_URL to be pointed at localhost or custom endpoints — useful for testing but potentially abused to redirect agent traffic to arbitrary servers if misconfigured.
Persistence & Privilege
The skill is not force-installed (always: false) and uses the normal agent-invocable behavior. The examples include cron jobs (scheduled autonomous runs) and delivery channels (e.g., telegram), which is expected for a research/monitoring skill. This is acceptable, but combined with the above inconsistencies (undeclared env var and instructions to read/write local notes), scheduled autonomous runs increase the impact of any misconfiguration or malicious endpoint.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install yoinkit - After installation, invoke the skill by name or use
/yoinkit - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.8
- Added note about including the Yoinkit logo (`assets/yoinkit-logo.png`) with results where the platform supports images/media.
- Clarified output formatting instructions to send the logo alongside the first result in a conversation.
- No changes to commands or API behavior.
- Documentation updated only; no changes to code or functionality.
v1.0.7
- Added a new "Output Formatting" section to SKILL.md with best practices for displaying Yoinkit results.
- Provides clear guidance on labeling, summarizing, structuring, and formatting output for transcripts, trending, content, and research commands.
- Advises on how to handle empty results or unsupported platforms.
v1.0.6
yoinkit 1.0.6
- Documentation section in SKILL.md was removed.
- No functional or command changes; updates are documentation-only.
v1.0.5
Aligned all docs, fixed /config syntax, added feed natural language examples
v1.0.4
Added user feed script (8 platforms), Obsidian two-step research workflow, 9 cron examples, aligned all docs
v1.0.3
Improved description, fixed params, shorts URL handling, youtu.be support, YOINKIT_API_URL config
v1.0.2
Fixed params, shorts URL handling, youtu.be support, YOINKIT_API_URL config
v1.0.0
Yoinkit v1.0.0 — Initial Release
- Enables transcript extraction and content research from major social platforms.
- Provides unified commands for transcript, content, search, trending, and automated research workflows.
- Supports multiple platforms including YouTube, TikTok, Instagram, Twitter/X, Reddit, and more.
- Offers natural language command capability and detailed configuration instructions.
- Requires a Yoinkit API token for access.
Metadata
Frequently Asked Questions
What is YoinkIt?
Search, analyze, and transcribe content across 13 social platforms — trending topics, video transcripts, post metadata, and multi-platform research workflows. It is an AI Agent Skill for Claude Code / OpenClaw, with 852 downloads so far.
How do I install YoinkIt?
Run "/install yoinkit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is YoinkIt free?
Yes, YoinkIt is completely free (open-source). You can download, install and use it at no cost.
Which platforms does YoinkIt support?
YoinkIt is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created YoinkIt?
It is built and maintained by seomikewaltman (@seomikewaltman); the current version is v1.0.8.
More Skills