ClawHub

Bigmailer

v1.0.2

BigMailer integration. Manage data, records, and automate workflows. Use when the user wants to interact with BigMailer data.

0· 122·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name, description, and instructions all focus on interacting with BigMailer via the Membrane CLI. There are no unrelated required env vars, binaries, or config paths.
Instruction Scope
SKILL.md only instructs installing and using the Membrane CLI, creating connections, listing actions, running actions, and proxying requests to the BigMailer API. It does not ask to read unrelated files, export secrets, or send data to unexpected endpoints.
Install Mechanism
This is instruction-only but asks the user to install a global npm package (@membranehq/cli). Installing an npm CLI is reasonable for this purpose but has the usual risks of third-party packages — verify package provenance before installing (npm registry, maintainer, and source).
Credentials
The skill declares no required env vars or credentials. Authentication is delegated to Membrane (browser-based login and server-side credential handling), which is proportionate to integrating with BigMailer.
Persistence & Privilege
The skill does not request persistent or elevated platform privileges (always:false). It is user-invocable and uses the CLI for auth; nothing indicates it modifies other skills or global agent settings.
Assessment
This skill appears coherent: it tells you to install and use the official Membrane CLI to connect to BigMailer and does not ask for unrelated secrets. Before installing, verify the @membranehq/cli package on the npm registry and its repository (check stars, recent activity, and publisher), confirm the getmembrane.com / GitHub links are legitimate, and run the CLI in an environment you control. During login, review any permissions the browser prompts request. If you prefer not to install global npm packages on your machine, consider running the CLI in a container or VM. If you need higher assurance, inspect the CLI source code or the package publish history before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk976mmx6xfwa05z2vn27g3m0e1843vz5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments