ClawHub

Bringg

v1.0.0

Bringg integration. Manage data, records, and automate workflows. Use when the user wants to interact with Bringg data.

0· 45·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description promise a Bringg integration and the SKILL.md shows only Membrane CLI commands to connect to Bringg and run/proxy Bringg API calls. Nothing requested (no env vars, no unrelated binaries) conflicts with that purpose.
Instruction Scope
Runtime instructions are limited to installing and using the Membrane CLI, performing Membrane login (browser-based), creating/listing connections, running actions, and proxying requests to Bringg. The instructions do not ask the agent to read unrelated files or exfiltrate data.
Install Mechanism
There is no built-in install spec in the registry; the SKILL.md recommends installing @membranehq/cli via npm (a public registry). This is a common, proportionate instruction for CLI tooling and does not use obscure download URLs.
Credentials
The skill declares no required environment variables or credentials and explicitly instructs not to ask users for API keys, relying on Membrane to manage auth. That matches the described behavior and is proportionate to the task.
Persistence & Privilege
The skill is not always-on and uses default autonomous invocation settings. It does not request system-wide configuration changes or access to other skills' credentials.
Assessment
This skill is an instruction-only integration that relies on the Membrane CLI and browser-based Membrane account authentication to talk to Bringg. Before installing or running: (1) verify the @membranehq/cli npm package (publisher, version, and npm page) and confirm you trust Membrane as a mediate service; (2) be aware that installing npm packages globally modifies your environment; (3) when connecting Bringg via the Membrane flow, review the permissions/scopes requested by the connection; and (4) prefer using an account or tenant with least privilege for testing rather than production credentials. If you need higher assurance, ask the skill author for a reproducible reviewable install spec or an audited release URL for the CLI.

Like a lobster shell, security has layers — review code before you run it.

latestvk97exjdqcgq12zt3chz9m0f4a184e0wd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments