← Back to Skills Marketplace
brucegutman

Pipeworx could-have-been-email

by Bruce Gutman · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
75
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install pipeworx-could-have-been-email
Description
Analyzes meeting transcripts to determine if the discussion could have been an email, returning filler word count and decisions.
Usage Guidance
This skill appears to send meeting transcripts to an external service (gateway.pipeworx.io) and mentions an X-API-Key, but the skill metadata doesn't declare any required credentials or explain where the key comes from. Before installing: 1) Ask the publisher for a homepage, privacy policy, and owner identity. 2) Require the skill to declare the exact env var name for the API key and explain key scopes and storage recommendations. 3) Confirm what transcript data is transmitted, how long it is stored, and whether PII will be retained. 4) Avoid sending sensitive meeting content until you verify the service and the API-key handling. Providing those clarifications would move this assessment toward benign; absent them, treat the skill as suspicious.
Capability Analysis
Type: OpenClaw Skill Name: pipeworx-could-have-been-email Version: 1.0.0 The skill provides a wrapper for an external MCP server (https://gateway.pipeworx.io/could-have-been-email/mcp) to analyze meeting transcripts for filler words and efficiency. The behavior is clearly aligned with the stated purpose in SKILL.md, and there are no indicators of malicious intent, data exfiltration of sensitive system files, or prompt injection.
Capability Tags
requires-sensitive-credentials
Capability Assessment
Purpose & Capability
The description says it analyzes meeting transcripts and returns filler-word counts and decisions — that capability plausibly requires calling an external service. However SKILL.md explicitly states it "requires X-API-Key" and points to an external gateway (gateway.pipeworx.io) while the skill metadata lists no required environment variables or primary credential. The missing API-key declaration is an incoherence.
Instruction Scope
The runtime instructions are minimal but imply sending meeting transcripts to an external MCP endpoint. They do not specify how the X-API-Key is supplied, what data is sent, or any privacy/retention behavior. Any skill that transmits meeting transcripts externally should explicitly document required credentials and data handling; this one does not.
Install Mechanism
No install spec and no code files are present (instruction-only). That minimizes on-disk installation risk — nothing is downloaded or executed locally by the skill itself.
Credentials
SKILL.md states an API key is required (X-API-Key) but the registry entry declares no env vars or primary credential. Requesting an external API key is plausible, but an undisclosed credential requirement is disproportionate and unclear. There's no indication what scopes/permissions that key has or where it should be stored.
Persistence & Privilege
The skill is not always-on and uses default autonomous invocation settings. There's no indication it requests permanent agent changes or elevated system privileges. Note: autonomous invocation combined with an external API (and an API key) increases data-exfiltration risk, but autonomous invocation itself is expected.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install pipeworx-could-have-been-email
  3. After installation, invoke the skill by name or use /pipeworx-could-have-been-email
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Slug pipeworx-could-have-been-email
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Pipeworx could-have-been-email?

Analyzes meeting transcripts to determine if the discussion could have been an email, returning filler word count and decisions. It is an AI Agent Skill for Claude Code / OpenClaw, with 75 downloads so far.

How do I install Pipeworx could-have-been-email?

Run "/install pipeworx-could-have-been-email" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Pipeworx could-have-been-email free?

Yes, Pipeworx could-have-been-email is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Pipeworx could-have-been-email support?

Pipeworx could-have-been-email is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Pipeworx could-have-been-email?

It is built and maintained by Bruce Gutman (@brucegutman); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463942 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259883 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200739 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191401 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190375 · by oswalpalash

💬 Comments