ClawHub

Cafe 24

v1.0.2

Cafe 24 integration. Manage data, records, and automate workflows. Use when the user wants to interact with Cafe 24 data.

0· 89·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the skill directs the agent to use the Membrane CLI to interact with Cafe24 APIs and discover/run actions. No unrelated credentials, binaries, or platform access are requested.
Instruction Scope
SKILL.md limits runtime actions to installing/using the Membrane CLI, creating connections, listing actions, running actions, and proxying requests to Cafe24. It does not instruct reading unrelated files, harvesting environment variables, or sending data to unexpected endpoints.
Install Mechanism
The registry provides no install spec (instruction-only). The doc recommends installing @membranehq/cli via npm or using npx. Installing a third-party npm CLI is a reasonable step for this integration but has the usual supply-chain considerations (package integrity, permissions) since it will fetch code from the npm registry.
Credentials
The skill declares no required env vars or credentials and explicitly delegates auth to Membrane (browser-based login / Membrane-managed connections). No unrelated secrets are requested.
Persistence & Privilege
The skill is not forced-always, requests no persistent system-wide changes, and does not modify other skills' configs. Autonomous invocation is enabled by default but is not combined with other concerning privileges.
Assessment
This skill is coherent and appears to do what it says: it relies on the Membrane CLI to proxy requests to Cafe24 and handles auth via browser login. Before installing or running commands, consider: (1) installing an npm package (or using npx) pulls code from the npm registry—only proceed if you trust @membranehq; (2) the workflow opens a browser for authentication and creates connections that authorize access to your Cafe24 store—review the scopes you grant; (3) on shared or locked systems avoid global npm -g installs (use npx or a local install); (4) because this is an instruction-only skill, there are no code files to scan locally—verify the Membrane project (homepage/GitHub) and the @membranehq/cli package if you want additional assurance.

Like a lobster shell, security has layers — review code before you run it.

latestvk97av0qcmyj3s0yehadt5dndc1843xgf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments