← Back to Skills Marketplace
tkejr

MakeX

by Tanmay Kejriwal · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
589
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install makex
Description
Integrate and execute actions from third-party services via MakeX using OpenClaw API with organization-level authentication and unified endpoints.
README (SKILL.md)

OpenClaw Integrations API

OpenClaw is a skill-based integration system that allows apps built on MakeX to discover and execute actions from third-party services (Gmail, Slack, GitHub, etc.) via Composio.

Authentication

All endpoints require the X-Org-Token header containing an organization service token. This token is validated against the organization database. User session cookies are not used — these endpoints are designed for server-to-server communication.

X-Org-Token: \x3Corg-service-token>

Don't have an org token?

  1. Go to https://www.makex.app/ and sign up for an account.
  2. Navigate to Settings in your dashboard.
  3. Copy your API key from the settings page — this is your X-Org-Token.

Base URL

POST /api/openclaw/integrations/\x3Cendpoint>

All endpoints support CORS via a preflight OPTIONS handler.

Endpoints

1. Search Actions

POST /api/openclaw/integrations/search-actions

Discover available actions/tools across one or more integrations.

Request Body:

{
  "integrations": ["gmail", "slack", "github"],
  "toolkit": "gmail",
  "search": "send"
}
  • integrations (required): Array of integration slugs to search across.
  • toolkit (optional): If provided, overrides integrations and searches only this toolkit.
  • search (optional): Filter actions by keyword.

Response (200):

{
  "total": 12,
  "actions": {
    "gmail": [
      { "slug": "GMAIL_SEND_EMAIL", "name": "Send Email" },
      { "slug": "GMAIL_CREATE_DRAFT", "name": "Create Draft" }
    ],
    "slack": [
      { "slug": "SLACK_SEND_MESSAGE", "name": "Send Message" }
    ]
  }
}

2. Connected Account

POST /api/openclaw/integrations/connected-account

Check if a specific integration is connected for the organization and retrieve account details.

Request Body:

{
  "integration": "gmail"
}
  • integration (required): The integration slug to check.

Response (200):

{
  "accountId": "conn_abc123",
  "userId": "org_xyz",
  "integration": "gmail",
  "status": "ACTIVE"
}

Response (404) — not connected:

{
  "error": "No active connected account found for integration gmail",
  "availableIntegrations": ["slack", "github"]
}

3. Action Details

POST /api/openclaw/integrations/action-details

Get the full specification of a specific action, including its input and output parameters.

Request Body:

{
  "action_slug": "GMAIL_SEND_EMAIL"
}
  • action_slug (required): The slug of the action to retrieve.

Response (200):

{
  "name": "Send Email",
  "slug": "GMAIL_SEND_EMAIL",
  "description": "Send an email via Gmail",
  "inputParameters": {
    "to": { "type": "string", "description": "Recipient email", "required": true },
    "subject": { "type": "string", "description": "Email subject" },
    "body": { "type": "string", "description": "Email body" }
  },
  "outputParameters": {
    "messageId": { "type": "string" },
    "threadId": { "type": "string" }
  }
}

4. Run Action

POST /api/openclaw/integrations/run-action

Execute a specific action on a connected account.

Request Body:

{
  "toolName": "GMAIL_SEND_EMAIL",
  "accountId": "conn_abc123",
  "arguments": {
    "to": "[email protected]",
    "subject": "Hello",
    "body": "Hi there"
  }
}
  • toolName (required): The action slug to execute.
  • accountId (required): The connected account ID (from the connected-account endpoint).
  • arguments (optional): Structured key-value arguments for the action.
  • text (optional): Natural language text input (used if arguments is not provided).
  • version (optional): API version override.
  • custom_auth_params (optional): Custom authentication parameters.
  • custom_connection_data (optional): Custom connection data.
  • allow_tracing (optional): Enable tracing for the execution.

Response (200): The raw Composio execution response (varies by action).

5. Output Structure

POST /api/openclaw/integrations/output-structure

Execute an action and return its output structure. Useful for determining the shape of an action's response.

Request Body:

{
  "action_slug": "GMAIL_SEND_EMAIL",
  "accountId": "conn_abc123",
  "arguments": {
    "to": "[email protected]",
    "subject": "Test",
    "body": "Test body"
  }
}
  • action_slug (required): The action slug to execute.
  • accountId (required): The connected account ID.
  • arguments (optional): Arguments to pass to the action.

Response (200):

{
  "successful": true,
  "data": { ... }
}

Error Responses

All endpoints return errors in a consistent format:

{ "error": "Description of what went wrong" }
Status Meaning
400 Missing required parameters
401 Missing or invalid X-Org-Token
404 Resource not found (e.g., no connected account)
500 Server error or missing COMPOSIO_API_KEY

Typical Workflow

  1. Search actions to discover what's available for connected integrations.
  2. Get connected account to retrieve the accountId for a specific integration.
  3. Get action details to understand input/output parameters for a chosen action.
  4. Run action to execute the action with the required arguments.
Usage Guidance
This skill's documentation appears to be what it claims (a MakeX/OpenClaw wrapper to discover and run Composio actions), but it expects an organization service token (X-Org-Token) and — in several endpoints — a COMPOSIO_API_KEY environment variable that the registry did not declare. Before installing or enabling this skill: - Confirm where and how you'll supply X-Org-Token and COMPOSIO_API_KEY. Prefer short-lived or least-privilege tokens and avoid supplying full org admin keys if possible. - Ask the skill author (or the platform) to declare COMPOSIO_API_KEY in the skill metadata so permission review is explicit. - Verify the skill's source/homepage and who operates the Composio backend (the SKILL.md references backend.composio.dev) — do not trust unknown/undeclared endpoints. - If you must test, use a non-production org and test tokens to limit blast radius. - Consider disabling autonomous invocation for the skill if you do not want it to call endpoints without explicit user triggers. Because of the undeclared sensitive environment dependency and lack of source/homepage, treat the skill as suspicious until the credential-handling and provenance questions are answered.
Capability Analysis
Type: OpenClaw Skill Name: makex Version: 1.0.0 The skill bundle describes an API for integrating with third-party services via Composio, allowing actions like searching tools, checking connected accounts, getting action details, and running actions. All files are documentation, detailing API endpoints and their expected behavior. There is no evidence of intentional malicious activity such as data exfiltration, unauthorized execution, persistence mechanisms, or prompt injection attempts against the AI agent. The `run-action` endpoint provides powerful capabilities, but this aligns with the stated purpose of an integration skill, and the documentation does not instruct the agent to misuse it. Authentication relies on an `X-Org-Token` provided by the user, which is standard API practice.
Capability Assessment
Purpose & Capability
The skill's name and description (MakeX / OpenClaw integrations) match the runtime instructions: it documents discovery and execution of third-party actions via Composio. However, the SKILL.md repeatedly references a required COMPOSIO_API_KEY environment variable for execution endpoints while the skill registry lists no required env vars or primary credential. That undeclared but required secret is a notable inconsistency.
Instruction Scope
The SKILL.md instructs the agent to call internal endpoints that require an X-Org-Token header and (for execution) a COMPOSIO_API_KEY env var. The instructions do not request reading arbitrary local files or other unrelated secrets, but they assume the runtime has access to a sensitive COMPOSIO_API_KEY that is not declared in the skill metadata. This mismatch means the agent or integrator must supply a sensitive credential out-of-band, which increases risk and decreases transparency.
Install Mechanism
This is instruction-only (no install spec, no code). That lowers the on-disk execution risk because nothing is downloaded or installed by the skill itself.
Credentials
Functionally, COMPOSIO_API_KEY and an X-Org-Token are proportionate to the described service (server-to-server calls into Composio/MakeX). The problem is the skill registry declares no required environment variables or primary credential while the instructions require them. Users should be aware they'd need to provide organization-level tokens (X-Org-Token) and possibly store/provide COMPOSIO_API_KEY to enable run-action/output-structure endpoints — both are sensitive and should be least-privilege and audited.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It's user-invocable and allows autonomous invocation by default (normal for skills). There is no install step that modifies other skills or system-wide settings.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install makex
  3. After installation, invoke the skill by name or use /makex
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
OpenClaw Integrations API initial release: - Introduces secure, token-based endpoints for server-to-server integration management. - Supports action search, action detail retrieval, connected account status, action execution, and output structure preview. - Provides consistent error handling and CORS support. - Comprehensive documentation and example requests/responses included.
Metadata
Slug makex
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is MakeX?

Integrate and execute actions from third-party services via MakeX using OpenClaw API with organization-level authentication and unified endpoints. It is an AI Agent Skill for Claude Code / OpenClaw, with 589 downloads so far.

How do I install MakeX?

Run "/install makex" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is MakeX free?

Yes, MakeX is completely free (open-source). You can download, install and use it at no cost.

Which platforms does MakeX support?

MakeX is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created MakeX?

It is built and maintained by Tanmay Kejriwal (@tkejr); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments