← Back to Skills Marketplace
ericjbone

Baserow

by Eric Bone · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
397
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install baserow
Description
Work with Baserow tables/rows over the REST API for reads, inserts, and updates. Use when user asks to view or modify Baserow CRM/pipeline data.
README (SKILL.md)

Baserow Skill

Use Baserow REST API directly via Python stdlib (urllib). API docs: https://baserow.ericbone.me/api-docs/database/265

Local auth convention (this workspace)

Primary env vars in ~/.openclaw/.env:

  • BASEROW_BASE_URL=https://baserow.ericbone.me
  • BASEROW_TOKEN=\x3Cpersonal API token> (static; no expiry)

Auth header for DB calls:

Authorization: Token \x3CBASEROW_TOKEN>

Core API patterns

Base endpoint:

$BASEROW_BASE_URL/api/database/rows/table/{table_id}/

Always include: ?user_field_names=true

Renpho CRM table map (DB 265)

  • 827 Sales Pipeline (BD Opportunity table)
  • 828 Opportunity Line Items
  • 829 Contacts
  • 830 Interactions
  • 831 Account Execution

Operating conventions (Renpho)

  • For inbound/outbound emails that are active deal motion: log in Interactions (830) and link Contact + Opportunity.
  • Create/update a Sales Pipeline (827) opportunity for real BD opportunities.
  • BD Inbox field can be used for intake linkage when that inbox object is present, but in-progress opportunity work should still live in Pipeline + Interactions.
  • Keep Interactions to real sales interactions (no LinkedIn enrichment spam).

⚠️ Critical: .env Must Have Real Newlines

The .env file must use real newlines between vars, NOT \ literals:

BASEROW_BASE_URL="https://baserow.ericbone.me"
BASEROW_TOKEN="mOsuizlNhyUWclr7xKjIgxJxdMPVmkNy"

If written by an agent (e.g. write tool), verify with cat ~/.openclaw/.env — literal \ breaks export $(grep ...) silently.

⚠️ Use curl for Writes (PATCH/POST), Python for Reads

Python urllib returns 403 on PATCH/POST against this Baserow instance. Use curl for all writes. Python urllib is fine for GET/reads.

Minimal examples

List rows (Python OK for reads)

export $(grep -v '^#' ~/.openclaw/.env | xargs) && python3 - \x3C\x3C'PY'
import os, json, urllib.request
base=os.environ['BASEROW_BASE_URL'].rstrip('/')
token=os.environ['BASEROW_TOKEN']
table=829
url=f"{base}/api/database/rows/table/{table}/?user_field_names=true&size=50"
req=urllib.request.Request(url, headers={"Authorization": f"Token {token}"})
with urllib.request.urlopen(req, timeout=30) as r:
  print(json.dumps(json.load(r), indent=2)[:8000])
PY

Create row (use curl)

source ~/.openclaw/.env  # or export from .env
curl -s -X POST \
  -H "Authorization: Token $BASEROW_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"Interaction title":"Example","Type":"Email","Sales Pipeline":[5],"Contact":[3]}' \
  "$BASEROW_BASE_URL/api/database/rows/table/830/?user_field_names=true"

Update row (use curl)

source ~/.openclaw/.env
curl -s -X PATCH \
  -H "Authorization: Token $BASEROW_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"Blockers":"Updated blocker text","Last Touch":"2026-02-24"}' \
  "$BASEROW_BASE_URL/api/database/rows/table/827/5/?user_field_names=true"

Safety

  • Confirm table + row targets before bulk updates/deletes.
  • Prefer small scoped updates and echo changed fields.
  • Treat Baserow as source-of-truth for Renpho sales workflow (DB 265).
Usage Guidance
Do not install blindly. Ask the publisher to explain the registry/README mismatch (the registry says no env vars, the SKILL.md requires BASEROW_BASE_URL and BASEROW_TOKEN). Confirm whether the token string included in the SKILL.md is a real credential; if it is, rotate it immediately and do not use this skill until the token is revoked. Prefer creating a least-privilege API token scoped only to the tables/operations the agent needs. If you proceed, store the token securely (avoid long-lived plaintext if possible), verify the base URL is the intended host, and test with a disposable token first. If you lack confidence in the publisher, treat this skill as untrusted and do not give it access to production tokens.
Capability Analysis
Type: OpenClaw Skill Name: baserow Version: 1.0.0 The skill is classified as suspicious primarily due to a hardcoded example API token (`mOsuizlNhyUWclr7xKjIgxJxdMPVmkNy`) present in the `SKILL.md` file. While intended as an example, an AI agent might inadvertently use this token if the `BASEROW_TOKEN` environment variable is not properly configured, potentially granting unauthorized access to the `baserow.ericbone.me` service. Additionally, the skill utilizes shell commands (`curl`, `python3`, `grep`, `xargs`, `source`) to interact with the API and load environment variables, which, while functional for its stated purpose, could pose command injection risks if inputs were not strictly controlled. There is no clear evidence of intentional malicious behavior such as data exfiltration to unauthorized endpoints, persistence mechanisms, or obfuscation.
Capability Assessment
Purpose & Capability
The skill name/description (Baserow REST access) aligns with the runtime instructions which call a Baserow API. However the registry metadata claims no required environment variables while the SKILL.md clearly requires BASEROW_BASE_URL and BASEROW_TOKEN. The SKILL.md also hardcodes a default instance (https://baserow.ericbone.me) and maps specific table IDs for a Renpho CRM — that makes this skill specific to a single deployment rather than a general Baserow integration. These discrepancies are unexpected and should be clarified.
Instruction Scope
Instructions are explicit about how to read/write rows (python urllib for GET, curl for PATCH/POST) and reference the local secrets file ~/.openclaw/.env. Reading that file and sourcing it is required to operate, which is within scope for this integration. The SKILL.md also instructs agents to write/validate the .env (and to use shell export/grep/xargs), which grants the agent the ability to create or read a plaintext token file — reasonable for operation but sensitive and should be constrained and audited.
Install Mechanism
This is an instruction-only skill with no install steps or additional packages, and it relies only on python3 and standard shell tools. No downloads or archives are performed, so install-risk is low.
Credentials
The SKILL.md requires BASEROW_TOKEN and BASEROW_BASE_URL (a personal API token and base URL), but the registry metadata did not list any required env vars or a primary credential. Worse, the README contains a literal token-like example value ('mOsuizlNhy...'), which could be an exposed credential. Requesting a Baserow token is reasonable for this purpose, but (a) the missing declaration in registry metadata is an inconsistency, and (b) the presence of a sample token in the skill doc is a high-risk disclosure that must be verified and rotated if real.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request system-wide configuration changes or persistent installation. However, because the skill requires a token, if the agent is allowed to invoke the skill autonomously it could act on that token — this is normal but worth noting as an operational risk if the token has broad privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install baserow
  3. After installation, invoke the skill by name or use /baserow
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of the baserow skill to work with Baserow tables and rows via REST API for reading, inserting, and updating CRM/pipeline data. - Supports reading with Python (GET requests) and requires curl for writes (POST/PATCH) due to API limitations. - Includes documentation for environment variable setup, authentication, table mappings for Renpho CRM, and minimal usage examples. - Highlights important safety and usage conventions for integrating with Baserow in Renpho sales workflows.
Metadata
Slug baserow
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Baserow?

Work with Baserow tables/rows over the REST API for reads, inserts, and updates. Use when user asks to view or modify Baserow CRM/pipeline data. It is an AI Agent Skill for Claude Code / OpenClaw, with 397 downloads so far.

How do I install Baserow?

Run "/install baserow" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Baserow free?

Yes, Baserow is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Baserow support?

Baserow is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Baserow?

It is built and maintained by Eric Bone (@ericjbone); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments