ClawHub

Advantage Csp

v1.0.2

Advantage CSP integration. Manage data, records, and automate workflows. Use when the user wants to interact with Advantage CSP data.

0· 52·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the SKILL.md exclusively documents using the Membrane CLI to access Advantage CSP. There are no unrelated env vars, binaries, or config paths requested.
Instruction Scope
Runtime instructions are limited to installing/using the Membrane CLI, creating connections, listing actions, running actions, and proxying requests through Membrane. The instructions do not instruct reading system files or unrelated credentials and explicitly advise against asking users for API keys.
Install Mechanism
No automated install spec in the registry (instruction-only). SKILL.md recommends 'npm install -g @membranehq/cli' (and uses npx in one place). Installing a global npm package is a normal but non-trivial action — users should verify the package and author before running it. This is expected for a CLI-based integration.
Credentials
The skill requests no environment variables or credentials and relies on Membrane-managed connections for auth. That is proportionate to the stated purpose; the SKILL.md explicitly warns not to ask for API keys.
Persistence & Privilege
Skill is user-invocable, not always: true, and does not request persistent system-level privileges or modify other skills' configs. It is instruction-only so nothing is written to disk unless the user runs the recommended npm install themselves.
Assessment
This skill is an instructions-only guide for using the Membrane CLI with Advantage CSP and appears coherent. Before installing or running commands: (1) verify the @membranehq/cli package on npm and the referenced GitHub repo to ensure you trust the publisher; (2) prefer using npx for one-off commands instead of globally installing if you want to avoid adding a global binary; (3) be aware that installing a global npm package runs third-party code on your machine; (4) use the Membrane connection flow (browser-based OAuth) rather than pasting API keys into chat; and (5) confirm that any proxy requests you run via Membrane target legitimate Advantage CSP endpoints. If you need higher assurance, inspect the @membranehq/cli source code and npm package integrity before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk972tw7s72f4xd2tfg5dc9mwgs843scq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments