← 返回 Skills 市场
aiwithabidi

Gusto

作者 aiwithabidi · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
387
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install gusto
功能描述
Gusto payroll & HR — manage employees, payroll, benefits, and tax forms via REST API
使用说明 (SKILL.md)

💰 Gusto

Gusto payroll & HR — manage employees, payroll, benefits, and tax forms via REST API

Requirements

Variable Required Description
GUSTO_ACCESS_TOKEN OAuth access token
GUSTO_COMPANY_ID Company UUID

Quick Start

# Get company info
python3 {{baseDir}}/scripts/gusto.py company

# List locations
python3 {{baseDir}}/scripts/gusto.py locations

# List employees
python3 {{baseDir}}/scripts/gusto.py employees

# Get employee
python3 {{baseDir}}/scripts/gusto.py employee-get id \x3Cvalue>

# Create employee
python3 {{baseDir}}/scripts/gusto.py employee-create --first_name \x3Cvalue> --last_name \x3Cvalue> --email \x3Cvalue>

# List payrolls
python3 {{baseDir}}/scripts/gusto.py payrolls --start_date \x3Cvalue> --end_date \x3Cvalue>

# Get payroll
python3 {{baseDir}}/scripts/gusto.py payroll-get id \x3Cvalue>

# List pay schedules
python3 {{baseDir}}/scripts/gusto.py pay-schedules

All Commands

Command Description
company Get company info
locations List locations
employees List employees
employee-get Get employee
employee-create Create employee
payrolls List payrolls
payroll-get Get payroll
pay-schedules List pay schedules
compensations List compensations
benefits List benefits
employee-benefits List employee benefits
contractors List contractors
contractor-payments List contractor payments
tax-forms List tax forms
garnishments List garnishments

Output Format

All commands output JSON by default. Add --human for readable formatted output.

python3 {{baseDir}}/scripts/gusto.py \x3Ccommand> --human

Script Reference

Script Description
{{baseDir}}/scripts/gusto.py Main CLI — all commands in one tool

Credits

Built by M. Abidi | agxntsix.ai YouTube | GitHub Part of the AgxntSix Skill Suite for OpenClaw agents.

📅 Need help setting up OpenClaw for your business? Book a free consultation

安全使用建议
This skill largely matches its stated purpose, but take these precautions before using it with real payroll credentials: 1) Review the script locally—get_env() will open ~/.openclaw/workspace/.env (or a WORKSPACE path) to look for variables; make sure that file does not contain unrelated secrets you don't want the skill accessing. 2) The code contains a likely bug: many API paths keep the literal '{company_id}' placeholder instead of inserting GUSTO_COMPANY_ID; test in a safe environment first. 3) Confirm the GUSTO_ACCESS_TOKEN scope is least-privilege (read-only if you only need reads) and prefer a test account/token. 4) Note the skill's homepage is a third-party developer site (agxntsix.ai), not Gusto's official domain—verify trustworthiness of the publisher before providing sensitive credentials. 5) If you must use it, run it in an isolated environment (limited token, container, or throwaway account) until you are satisfied it behaves as expected.
功能分析
Type: OpenClaw Skill Name: gusto Version: 1.0.0 The skill is classified as suspicious due to two vulnerabilities found in `scripts/gusto.py`. First, the `req` function contains logic (`if path.startswith("http"): url = path`) that would allow Server-Side Request Forgery (SSRF) if a user-controlled path starting with 'http' were passed to it, even though the current command implementations do not directly expose this. Second, the `try_json` function, used for processing user input like `first_name` and `email`, could lead to data type confusion or API misuse if a user provides valid JSON strings instead of simple text, potentially sending unintended data structures to the Gusto API. Additionally, many commands in `scripts/gusto.py` contain a critical functional bug where the `company_id` variable is undefined, leading to `NameError` and making most API calls non-functional.
能力评估
Purpose & Capability
Name, description, declared env vars (GUSTO_ACCESS_TOKEN, GUSTO_COMPANY_ID) and the included CLI script align with a Gusto REST API integration—these credentials are plausible and necessary for the stated purpose.
Instruction Scope
SKILL.md only instructs the agent to run the included Python CLI with the declared env vars, which is appropriate. The script itself, however, will attempt to read a .env file from WORKSPACE or ~/.openclaw/workspace if the env var is not set—this file-read behavior is not documented in SKILL.md and broadens the scope of data the skill will access.
Install Mechanism
No install spec; the skill is instruction + a single Python script using only the stdlib. This is low-risk compared with arbitrary downloads or external installers.
Credentials
The skill requires only two credentials, which is proportionate. However, get_env() will also look for those variables inside a .env file located under WORKSPACE or ~/.openclaw/workspace—a location that may contain other unlisted secrets. The SKILL.md does not declare WORKSPACE or mention the .env lookup. Also, the script uses GUSTO_COMPANY_ID in code but fails to substitute company_id into path placeholders (a functional bug), which could result in malformed requests if not fixed.
Persistence & Privilege
The skill does not request permanent 'always' inclusion, does not install system-wide components, and does not modify other skills' config. It runs as an on-demand CLI tool.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install gusto
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /gusto 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of Gusto payroll & HR skill. - Provides CLI commands for managing employees, payroll, benefits, and tax forms using Gusto's REST API. - Requires GUSTO_ACCESS_TOKEN and GUSTO_COMPANY_ID environment variables. - Outputs JSON by default, with optional human-readable formatting. - No external dependencies; works with Python 3.10+ standard library. - Includes documentation for all commands and quick start examples.
元数据
Slug gusto
版本 1.0.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Gusto 是什么?

Gusto payroll & HR — manage employees, payroll, benefits, and tax forms via REST API. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 387 次。

如何安装 Gusto?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install gusto」即可一键安装,无需额外配置。

Gusto 是免费的吗?

是的,Gusto 完全免费(开源免费),可自由下载、安装和使用。

Gusto 支持哪些平台?

Gusto 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Gusto?

由 aiwithabidi(@aiwithabidi)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论