Blend
v1.0.0Blend integration. Manage data, records, and automate workflows. Use when the user wants to interact with Blend data.
⭐ 0· 62·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Blend integration) match the instructions: the SKILL.md explains how to use Membrane to connect to Blend, discover actions, run them, and proxy API calls. There are no unrelated environment variables, binaries, or config paths requested.
Instruction Scope
Instructions are focused on installing and using the Membrane CLI, performing connector discovery, creating a connection (browser-based auth), running prebuilt actions, and proxying arbitrary requests to the Blend API via Membrane. The ability to proxy arbitrary endpoints is expected for this integration but does allow comprehensive access to Blend data once a connection is authorized.
Install Mechanism
There is no registry install spec; the SKILL.md instructs users/agents to install @membranehq/cli via npm (global install or npx). Installing from the public npm registry is a common approach but is a moderate-risk install action compared with instruction-only skills that don't require any new packages. The SKILL.md does not instruct downloading code from untrusted URLs or extracting archives.
Credentials
The skill requests no environment variables or local credentials. Authentication is delegated to Membrane (browser login / connector flow), which is proportional to the declared purpose. No unrelated secrets are requested.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent system privileges. It does not modify other skills or system-wide configs. Model invocation is allowed (default), which is normal for agent skills.
Assessment
This skill appears coherent for integrating with Blend via Membrane. Before installing/using it: (1) verify the authenticity of the @membranehq/cli package (check npmjs and the linked GitHub repo), (2) avoid global installs on shared machines or CI runners—use npx or install in a controlled environment, (3) be aware that once you create a Membrane connection the CLI can proxy arbitrary Blend API requests (so only authorize accounts you trust), and (4) confirm your organization's policy about sending data through third-party proxy services like Membrane if that matters for compliance or data sensitivity.Like a lobster shell, security has layers — review code before you run it.
latestvk97ema48egpqw3f4mrbq69njrs849x4s
License
MIT-0
Free to use, modify, and redistribute. No attribution required.