ClawHub

Asana

v1.0.2

Asana integration. Manage project management and ticketing data, records, and workflows. Use when the user wants to interact with Asana data.

0· 298·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill declares an Asana integration and all runtime instructions show using the Membrane CLI to authenticate and call Asana; required capabilities (network, Membrane account) match the stated purpose and no unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md limits runtime activity to installing/using @membranehq/cli, logging in, creating/listing connections, running actions, and proxying Asana API calls via Membrane. It does not instruct the agent to read unrelated files, access unrelated env vars, or exfiltrate data outside the Membrane/Asana flow.
Install Mechanism
Installation is instruction-only and asks the user to run `npm install -g @membranehq/cli`. Installing a global npm package is a normal approach but does mean third‑party code will be installed and run on the host — verify the package source and trustworthiness before installing.
Credentials
The skill requests no environment variables or local credentials; it relies on Membrane to manage Asana auth server-side, which is proportionate to the described design.
Persistence & Privilege
The skill is not force-enabled (always: false) and uses standard, user-invocable behavior. There is no indication it modifies other skills or system-wide settings.
Assessment
This skill is internally consistent with an Asana integration that delegates auth and API calls to Membrane. Before installing: (1) verify and trust the @membranehq/cli npm package and its publisher (review the npm page and GitHub repo), since the CLI will run on your machine; (2) review Membrane's privacy and security practices because your Asana access will be routed through their service; (3) in shared or CI/headless environments, be cautious when completing interactive login flows or pasting codes; and (4) if you prefer to keep credentials local, confirm whether Membrane's server-side auth model fits your security requirements.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bb5a18zjw86f68hqxqpa3t9842vts

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments