Abstract

v1.0.2

Abstract integration. Manage data, records, and automate workflows. Use when the user wants to interact with Abstract data.

⭐ 0· 138·0 current·0 all-time

byVlad Ursul@gora050

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

ℹ

Purpose & Capability

The skill's name/description (Abstract integration) matches the instructions (use Membrane to connect to Abstract). Minor inconsistency: SKILL.md instructs installing the Membrane CLI via npm (which requires node/npm), but the skill metadata lists no required binaries.

✓

Instruction Scope

Instructions are scoped to installing/using the Membrane CLI, creating connections, listing actions, running actions, and proxying requests to Abstract. They do not ask to read unrelated files, access arbitrary env vars, or exfiltrate data outside Membrane/Abstract flows.

ℹ

Install Mechanism

This is an instruction-only skill (no install spec). It recommends installing @membranehq/cli from the public npm registry (npm install -g), which is a typical, moderate-risk mechanism; the registry metadata does not declare npm/node as required binaries.

✓

Credentials

The skill declares no required environment variables or credentials and explicitly advises letting Membrane handle auth. There are no unexplained secret requests.

✓

Persistence & Privilege

always is false and the skill is user-invocable. It does not request persistent privileges, nor does it instruct modifying other skills or global agent configuration.

Assessment

This skill appears to do what it says: it instructs the agent to use the Membrane CLI to talk to Abstract. Before installing or running commands, note: 1) you will need node/npm to install the CLI (the skill metadata doesn't declare this), and npm -g writes binaries to your system PATH; 2) the CLI opens a browser for authentication and will manage credentials server-side — only proceed if you trust Membrane/@membranehq; 3) verify the @membranehq/cli package on npm and the linked GitHub repo to ensure you are installing the official package; 4) avoid pasting unrelated secrets into prompts and prefer to perform the initial login/connection yourself rather than giving unattended agents permission to run installs or authenticate.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cwd1hm43xdw8gyrh7byq3e18421a4

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Abstract

License

Comments