← Back to Skills Marketplace
215
Downloads
0
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install modora-http
Description
Use this skill to analyze PDFs with a remote MoDora HTTP service. Credentials are managed through declared environment variables and are not stored in the se...
Usage Guidance
This skill is internally consistent for its stated purpose. Before installing: (1) only use it if you trust the remote MoDora operator — the skill will transmit your MODORA_USER_API_KEY and related model info to that server; (2) follow the requirement to supply a user-owned settings.json that contains no secrets; (3) you must explicitly opt into remote credential use (--allow-remote-credentials or MODORA_ALLOW_REMOTE_CREDENTIALS=1) to run upload/chat; (4) prefer testing with an ephemeral or scoped API key and confirm the base URL uses HTTPS; (5) if you do not trust the operator, deploy MoDora locally instead or do not use the skill. The code is straightforward and readable; inspect it yourself if you need further assurance.
Capability Analysis
Type: OpenClaw Skill
Name: modora-http
Version: 0.1.3
The MoDora skill bundle is a well-structured tool for interacting with a remote PDF analysis service. It includes several security-conscious features, such as enforcing HTTPS for remote endpoints, scanning user-provided settings files to prevent accidental secret leakage (via find_forbidden_settings_keys in common.py), and requiring an explicit opt-in flag (--allow-remote-credentials) before transmitting data. The scripts use standard Python libraries and align strictly with the stated purpose of document upload and querying without any signs of malicious intent or unauthorized data access.
Capability Assessment
Purpose & Capability
Name/description (PDF analysis via remote MoDora) aligns with requested artifacts: python3, scripts for upload/health/wait/chat, and environment variables for base URL, API key, endpoint, and model. The requested env vars are consistent with a design where the remote service uses user-managed model credentials.
Instruction Scope
SKILL.md and the scripts limit actions to: validating a user-owned settings.json (for routing), enforcing absolute file paths, requiring explicit acknowledgement before remote operations, performing health/upload/status/chat calls to the configured MoDora base URL, and refusing to fall back to server defaults. The instructions do not read unrelated files, system state, or other credentials.
Install Mechanism
No install spec or external downloads; the skill is provided as included Python scripts that run with python3. No remote installers or package downloads are invoked, lowering install-time risk.
Credentials
The required env vars (MODORA_BASE_URL, MODORA_USER_API_KEY, MODORA_USER_ENDPOINT, MODORA_USER_MODEL) are consistent with the skill's design, but they are highly sensitive: the scripts send the API key and endpoint to the remote MoDora service (Authorization and X-Modora-Endpoint headers). The SKILL.md warns and requires explicit user acknowledgement, which is appropriate, but users must understand this means their model credentials are transmitted to and used by that remote operator.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide configs, and has no install-time persistence beyond the provided scripts. Autonomous invocation is allowed (platform default) but there are no additional privileges requested.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install modora-http - After installation, invoke the skill by name or use
/modora-http - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.3
Declare OpenClaw credential metadata, move credentials to environment variables and headers, require HTTPS for remote endpoints, and reject secrets in settings files.
v0.1.2
Declare OpenClaw credential metadata, move credentials to environment variables and headers, require HTTPS for remote endpoints, and reject secrets in settings files.
v0.1.1
Add explicit security disclosure and require acknowledgement before sending remote model credentials.
v0.1.0
Initial release. Supports authenticated MoDora frontend separation, requires user-owned settings.json, and uses multimodal model configuration for HTTP-based
document QA.
Metadata
Frequently Asked Questions
What is modora?
Use this skill to analyze PDFs with a remote MoDora HTTP service. Credentials are managed through declared environment variables and are not stored in the se... It is an AI Agent Skill for Claude Code / OpenClaw, with 215 downloads so far.
How do I install modora?
Run "/install modora-http" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is modora free?
Yes, modora is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does modora support?
modora is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created modora?
It is built and maintained by wu-uk (@wu-uk); the current version is v0.1.3.
More Skills