Boloforms
v1.0.2Boloforms integration. Manage data, records, and automate workflows. Use when the user wants to interact with Boloforms data.
⭐ 0· 122·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill is an integration for Boloforms and is implemented as an instruction-only guide that uses the Membrane CLI to perform actions and proxy API requests — this is consistent with the stated purpose.
Instruction Scope
SKILL.md instructs installing and using the Membrane CLI, logging in, listing/connecting actions, and proxying requests to Boloforms. It does not instruct the agent to read unrelated files, environment variables, or system state, nor to exfiltrate data to unexpected endpoints.
Install Mechanism
The skill is instruction-only (no install spec), but it recommends installing @membranehq/cli via `npm install -g`. Installing a public npm package is a normal step for this integration but carries the usual trust considerations for global npm packages (runs code on the host, writes to disk).
Credentials
No environment variables or credentials are declared by the skill. Authentication is delegated to Membrane's login flow (browser-based OAuth-like flow) which is reasonable for this integration and avoids asking for raw API keys.
Persistence & Privilege
The skill does not request always-on presence and uses the platform defaults for invocation. It does not ask to modify other skills or system-wide settings.
Assessment
This skill appears coherent and implements Boloforms access via the Membrane CLI. Before installing or following the instructions: (1) verify you trust the @membranehq/cli npm package and the getmembrane.com service (check the npm package page, GitHub repo and recent publisher activity); (2) prefer non-global installation patterns (or use a container/isolated environment) if you are cautious about global npm installs; (3) confirm the login flow in a browser and do not paste credentials into unknown prompts — Membrane should handle auth via the browser flow; (4) if you need stronger assurance, review the Membrane CLI source on GitHub and the package's npm release history for suspicious activity. If any step asks for unrelated secrets or system files, stop and investigate.Like a lobster shell, security has layers — review code before you run it.
latestvk9716z5etn8f371mwgv7p4y2n1843bme
License
MIT-0
Free to use, modify, and redistribute. No attribution required.