OpenClaw ยท Skill
Vikunja Kanban
Manage a Vikunja kanban board via API. Read status, create/move/complete tasks, and integrate with heartbeat and triage crons.
Install
Start with the primary install command. Alternate entrypoints are included below for ClawHub and OpenClaw CLI users.
Primary command
clawhub install shad0wca7/vikunja-kanbanClawHub installer
npx clawhub@latest install shad0wca7/vikunja-kanbanOpenClaw CLI
openclaw skills install shad0wca7/vikunja-kanbanDirect OpenClaw install
openclaw install shad0wca7/vikunja-kanbanWhat this skill does
Manage a Vikunja kanban board via API. Read status, create/move/complete tasks, and integrate with heartbeat and triage crons.
Why it matters
Uses a long-lived API token so other crons can call the scripts directly without handling JWT refresh or re-authentication.
Typical use cases
- Adding an incoming email action item to the Inbox bucket
- Moving a task from Active Projects to Done after finishing work
- Checking urgent tasks aging over an hour during a heartbeat run
- Creating a high-priority infra task in the System Issues bucket
- Filtering the board to see only tasks in a specific bucket
Source instructions
Vikunja Kanban Skill
Manage a Vikunja kanban board via API. Read status, create/move/complete tasks, and integrate with heartbeat and triage crons.
Config
Credentials stored in secrets/vikunja.env:
VIKUNJA_URL=https://your-vikunja-instance
VIKUNJA_TOKEN=${VIKUNJA_TOKEN}
VIKUNJA_PROJECT_ID=1
VIKUNJA_VIEW_ID=4
Authentication
All scripts use a long-lived API token (expires 2030-01-01). No JWT login needed.
- Permissions: tasks (read_all, update, create, delete), projects (read_all, update, create)
- JWT login credentials kept in
secrets/vikunja.envfor reference only
Bucket IDs
| ID | Name | Purpose |
|---|---|---|
| 1 | ๐ด Urgent | Needs immediate attention |
| 2 | โณ Waiting On | Sent/requested, awaiting reply |
| 7 | โ ๏ธ System Issues | Infra/system problems |
| 8 | ๐ง Active Projects | In progress |
| 9 | ๐ Upcoming | Scheduled/future |
| 10 | ๐ฅ Inbox | New items, untriaged |
| 3 | โ Done | Completed |
Scripts
All scripts are in the skill's scripts/ directory. Run from the skill root.
Read the board
bash scripts/vikunja-status.sh # All buckets
bash scripts/vikunja-status.sh "Urgent" # Filter by bucket name
Add a task
bash scripts/vikunja-add-task.sh "Title" "Description" BUCKET_ID [PRIORITY]
# Priority: 0=unset, 1=low, 2=medium, 3=high, 4=urgent
# Example: bash scripts/vikunja-add-task.sh "Fix DNS" "Check records" 1 4
Move a task between buckets
bash scripts/vikunja-move-task.sh TASK_ID BUCKET_ID
# Example: bash scripts/vikunja-move-task.sh 15 3 # Move to Done
Complete a task
bash scripts/vikunja-complete-task.sh TASK_ID
Heartbeat Integration
The heartbeat cron reads from Vikunja:
bash scripts/vikunja-status.sh
- Check ๐ด Urgent for items aging >1h
- If Vikunja unreachable, fall back to
scripts/nc-status-board.sh read
Email Triage Integration
Email triage adds Action Required items to the Inbox bucket:
bash scripts/vikunja-add-task.sh "Email subject" "Brief description" 10 3
API Reference
- Base URL: https://your-vikunja-instance/api/v1
- Auth: POST /login with username/password โ JWT token (short-lived)
- Tasks: PUT /projects/{id}/tasks (create), POST /tasks/{id} (update)
- Buckets: POST /projects/{id}/views/{view}/buckets/{bucket}/tasks (move task)
- Views: GET /projects/{id}/views/{view}/tasks (list tasks by bucket)
- Projects: POST /projects/{id} (update title/settings), GET /projects (list all)
- Sharing: PUT /projects/{id}/users
{"username":"...", "right":N}(add user) - Users: GET /users?s=query (search), POST /user/password (self-service password change)
Known API Bugs & Gotchas
Sharing permissions ignored on creation
PUT /projects/{id}/users ignores the right field โ always creates with permission=0 (read-only).
Workaround: Set permission directly in PostgreSQL:
UPDATE users_projects SET permission = 2 WHERE user_id = X AND project_id = Y;
Permission values: 0=read-only, 1=read+write, 2=admin
Default Inbox project cannot be deleted
Every new user gets an auto-created "Inbox" project. DELETE /projects/{id} returns error 3012.
Workaround: Rename it: POST /projects/{id} with {"title":"New Name"}
Password change is self-service only
No admin endpoint to change another user's password. Must login as the target user:
POST /api/v1/user/password with {"old_password":"...", "new_password":"..."}
API token creation needs both tasks AND projects permissions
Tokens with only tasks permissions cannot read kanban views (returns 401).
Must include: "permissions":{"tasks":["read_all","update","create","delete"],"projects":["read_all","update","create"]}
Token creation endpoint
PUT /api/v1/tokens to create, GET /api/v1/tokens to list, DELETE /api/v1/tokens/{id} to remove.
Required fields: title, expires_at (ISO-8601), permissions (object with permission groups).
Notes
- Long-lived API token used (expires 2030) โ no JWT login overhead
- Vikunja uses PUT for creation, POST for updates (unusual)
- Bucket IDs are specific to the Kanban view (view_id=4)
- Project name: "Kit Operations" (renamed from default "Inbox")
- Project shared: Kit (id:1, admin/owner), Alex (id:2, admin via DB fix)
- Token has tasks + projects permissions; covers all kanban operations
- Each user gets a default project that can't be deleted โ rename to avoid confusion