ClawHub

Activeprospect

v1.0.0

ActiveProspect integration. Manage data, records, and automate workflows. Use when the user wants to interact with ActiveProspect data.

0· 51·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description describe ActiveProspect integration and the SKILL.md exclusively instructs using the Membrane CLI to discover actions, run actions, and proxy requests to ActiveProspect. No unrelated credentials, binaries, or system paths are requested — the needed network access and a Membrane account are coherent with the stated purpose.
Instruction Scope
Instructions stay within integration scope (install Membrane CLI, login, create connections, run actions, proxy requests). The SKILL.md recommends installing a third-party CLI globally and using browser-based login flows; it does not instruct reading local files or arbitrary env vars. Note: relying on a CLI means that trust shifts to the @membranehq/cli package and Membrane's servers for auth and proxied requests.
Install Mechanism
No formal install spec in registry metadata, but the SKILL.md instructs running npm install -g @membranehq/cli. This is a public npm package install (moderate risk compared with instruction-only skills). There are no direct download URLs or archives; risk is limited to trusting the npm package and its behavior.
Credentials
The skill declares no required environment variables and explicitly tells agents not to ask users for API keys. Authentication is delegated to Membrane, which is appropriate for this use case. There is no request for unrelated secrets or host config paths.
Persistence & Privilege
The skill does not request always:true or any elevated persistent privileges. It's user-invocable and uses the normal autonomous-invocation default, which is expected for skills of this type. It does not instruct modifying other skills or system-wide settings.
Assessment
This skill is internally consistent: it uses the Membrane CLI to access ActiveProspect and asks only for a Membrane login. Before installing, confirm you trust the @membranehq/cli npm package and the getmembrane.com service (review the package on npm, its GitHub repo, and privacy/security docs). Installing the CLI globally gives that tool the ability to make network requests and manage connections — consider installing in an isolated environment (container or VM) if you have strong security constraints. When completing login flows or headless login codes, avoid pasting secrets into public channels. If you prefer not to trust a third-party proxy, you can instead integrate directly with ActiveProspect's official API using your own credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk97aa55gnjcd143d8dbjb9ccws84dknq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments