Appcircle
v1.0.0Appcircle integration. Manage data, records, and automate workflows. Use when the user wants to interact with Appcircle data.
⭐ 0· 25·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (Appcircle integration) matches the instructions: the SKILL.md tells the agent to use the Membrane CLI to create connections, run actions, and proxy requests to Appcircle. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Runtime instructions stay on-topic: they explain installing and using the Membrane CLI, logging in, creating/using Appcircle connections, discovering and running actions, and proxying API requests. The instructions do not ask the agent to read unrelated files or exfiltrate data.
Install Mechanism
This is an instruction-only skill (no automatic install). It asks users to run `npm install -g @membranehq/cli`, which is a standard way to obtain a CLI from npm. Installing global npm packages carries the usual risks of global package installs (supply-chain risk), but this is expected for a CLI-based integration.
Credentials
No environment variables, credentials, or config paths are requested by the skill. Authentication is delegated to Membrane's browser-based flow, which matches the stated best-practice of not asking for API keys locally.
Persistence & Privilege
The skill is not marked always:true and is user-invocable. It does not request persistent system-wide changes or access to other skills' configs. Autonomous invocation (disable-model-invocation:false) is the platform default and not itself a red flag here.
Assessment
This skill is coherent: it instructs use of the Membrane CLI to connect to Appcircle and does not ask for unrelated secrets. Before installing or running: (1) verify you trust the Membrane project and the npm package (@membranehq/cli) by checking the official site/repo and recent package versions; (2) prefer installing the CLI in a controlled environment (container, VM, or non-root user) if you are cautious about global npm installs; (3) during the Membrane login flow, review the OAuth/permission scopes requested and avoid granting overly broad organization-level access unless necessary; (4) remember this skill only provides instructions — it will not automatically install software, but the agent can run the CLI when invoked. If you want extra assurance, ask for the Membrane CLI repository/package links and verify checksums/signatures before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk979vx0zsq2f7s1dfrt0fwfktd846c5t
License
MIT-0
Free to use, modify, and redistribute. No attribution required.