← Back to Skills Marketplace
90
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install skool-all-in-one-api
Description
Full read AND write access to Skool communities. Use when user asks to manage Skool members (approve, reject, list pending), read or create posts, reply to c...
Usage Guidance
This skill runs an external Apify actor (cristiantala~skool-all-in-one-api) to manage Skool on your behalf. Consequences to consider before installing:
- APIFY_TOKEN: This token lets the skill start actors under your Apify account. Use a dedicated, limited token and revoke it if you stop using the skill.
- Skool credentials: The documented login flow sends your Skool email/password to the remote actor (or stores cookies returned by that actor). Only provide these if you trust the actor owner and Apify; prefer giving cookies you control or avoid supplying your password when possible.
- Third‑party code: The actor runs on apify.com under someone else's account. Inspect the actor's source on Apify (if available) or contact the actor author to confirm behavior. Treat this like granting a remote service browser access to your Skool session.
- Binaries mismatch: The skill declares node + mcpc but examples use curl. You may not need to install mcpc for the curl-based flows; verify what your chosen workflow actually requires.
If you proceed, limit risk by creating a scoped APIFY token, avoid reusing your primary Skool password, and test with a non-critical Skool account or group first. If you need help verifying the actor code or alternative approaches that avoid sending passwords to a third party, ask for that review.
Capability Analysis
Type: OpenClaw Skill
Name: skool-all-in-one-api
Version: 1.0.0
The skill provides an interface to manage Skool communities via a third-party Apify actor (cristiantala~skool-all-in-one-api). It requires the AI agent to handle sensitive credentials, including the user's Skool email and password, and execute shell commands (curl, grep, export) to interact with the Apify API. While these capabilities are aligned with the stated purpose of community automation, the practice of passing raw credentials through shell environments and to an external actor represents a high-risk pattern without built-in sanitization or secure credential management.
Capability Assessment
Purpose & Capability
The skill's stated purpose — full read/write Skool management via Apify — matches the instructions that call an Apify actor. Requiring an APIFY_TOKEN is appropriate. However the skill also declares node + mcpc as required binaries while the provided curl-based examples never invoke mcpc; that mismatch is unexpected but not necessarily malicious.
Instruction Scope
SKILL.md tells the agent to run a remote Apify actor and (optionally) supply the user's Skool email+password to that actor (the actor performs Playwright login and returns cookies). That means sensitive Skool credentials (or session cookies) will be transmitted to and handled by a third‑party actor on apify.com. The instructions also direct storing and reusing cookies and do not describe access controls for those cookies.
Install Mechanism
Install spec uses npm to install @apify/mcpc which is a registry package — a normal, low-risk mechanism. The concern is procedural: SKILL.md examples use curl to call Apify API rather than mcpc, so installing mcpc may be unnecessary for the documented flows.
Credentials
The only required env var is APIFY_TOKEN, which is appropriate for running Apify actors. However the runtime requires user Skool credentials (email/password) in some flows — these are not listed as required env vars and will be transmitted in actor run payloads. APIFY_TOKEN grants the ability to start runs under your Apify account; if compromised or over‑privileged this could be abused. Declared binaries (node/mcpc) increase local surface despite the curl examples not using them.
Persistence & Privilege
always is false and the skill does not request permanent platform presence or system-wide config changes. Autonomous invocation is enabled by default but that is normal; the skill does not request elevated platform privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skool-all-in-one-api - After installation, invoke the skill by name or use
/skool-all-in-one-api - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: posts CRUD, nested comments, members with AI screening, events, user mentions. Cookie-based auth.
Metadata
Frequently Asked Questions
What is Skool All-in-One API?
Full read AND write access to Skool communities. Use when user asks to manage Skool members (approve, reject, list pending), read or create posts, reply to c... It is an AI Agent Skill for Claude Code / OpenClaw, with 90 downloads so far.
How do I install Skool All-in-One API?
Run "/install skool-all-in-one-api" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skool All-in-One API free?
Yes, Skool All-in-One API is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Skool All-in-One API support?
Skool All-in-One API is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Skool All-in-One API?
It is built and maintained by ctala (@ctala); the current version is v1.0.0.
More Skills