ClawHub

Bolt Iot

v1.0.2

Bolt IoT integration. Manage data, records, and automate workflows. Use when the user wants to interact with Bolt IoT data.

0· 89·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill describes Bolt IoT integration and only requires use of the Membrane CLI, a network connection, and a Membrane account — all consistent with managing Bolt IoT devices and data. It does not ask for unrelated cloud credentials or system access.
Instruction Scope
SKILL.md instructs the agent to install and use the Membrane CLI to search/connect/list/run actions and to proxy requests to Bolt IoT. It does not direct reading arbitrary local files, harvesting environment variables, or transmitting data to unexpected endpoints beyond Membrane/Bolt APIs.
Install Mechanism
There is no automated install spec in the skill (instruction-only). The document recommends installing @membranehq/cli via `npm install -g`, which is reasonable for this workflow but requires the user to trust and vet that npm package and accept global install implications (privileges, PATH changes).
Credentials
The skill declares no required env vars or credentials and explicitly advises using Membrane connections rather than asking users for API keys. This is proportionate: authentication is delegated to Membrane (browser flow or headless code flow).
Persistence & Privilege
The skill is not always-enabled, contains no install-time hooks, and does not request system-wide configuration changes or elevated privileges. It does not modify other skills or request persistent access beyond normal Membrane client authentication.
Assessment
This skill is coherent with its stated purpose, but review and vet the Membrane CLI before installing (check the @membranehq/cli npm package and its GitHub repo). Understand that authentication uses a browser flow and that Membrane will hold/connect credentials on your behalf — review their docs and privacy/security practices. If you must run in headless or CI environments, follow safe practices for completing Membrane's headless auth flow and avoid pasting secrets into untrusted prompts. Finally, installing global npm packages requires attention to permissions; consider using a scoped environment (nvm, container, or CI user) if you are cautious.

Like a lobster shell, security has layers — review code before you run it.

latestvk975jhcc3efe0h3s114f6thka5842ahh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments